Subject: Re: connecting as root
From: Darron Froese (darron@fudgehead.com)
Date: Sat Jan 29 2000 - 13:56:43 EST
on 1/29/00 11:14 AM, Martin Wilhelm Leidig at mwl@moss.net wrote:
> Could you (or another one) please explain those technical
> reasons a bit further (and why it shouldn't be a config file
> option therefor)?
Martin,
Generally, connecting as root is somewhat discouraged because of a few
reasons:
1. Since you are the "god" user on the system - a simple mistake when you're
deleting or overwriting things can be disastrous. You could destroy
everything and not get much warning - because you're root.
2. Connecting as the root user over such methods as telnet, ftp - or
anything else - exposes your root password in cleartext over the network.
That's another bad idea - if you don't understand why, then that's another
reason why you shouldn't be connecting as root.
The best way to connect to your box and administrate it is probably this:
1. Probably change your root password - as it's gone over the wire a few
times already. ;-)
2. Undo your changes to allow root to login via ftp and telnet.
3. Learn to use "su" to *change* to the root user when you're already logged
in with a normal username and password.
4. Download and install OpenSSH <http://www.openssh.org/> on your Linux box
- this is sort of like "encrypted telnet" - in other words, your password
(or any command for that matter) never goes over the wire in cleartext.
5. There is a ssh client for the MacOS for OpenSSH and you can get it here:
<http://www.lysator.liu.se/~jonasw/download/niftytelnet-1.1-ssh-r3.hqx>
Hope that helped at all. If you have any more questions - please let me
know.
-- Darron darron@fudgehead.com
This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:29:55 EST