[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] SFTP on Raq4 as Root?
- Subject: Re: [cobalt-security] SFTP on Raq4 as Root?
- From: "Zeffie" <cobalt-secur@xxxxxxxx>
- Date: Fri, 3 Aug 2001 00:02:31 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> > Quite literally, you have to be INSANE to allow root to login
> > directly in any manner whatsoever. Be it ftp, telnet, SSH - there is
> > no reason why you should allow this. You can transfer files as admin
> > and then chown them to root without compromising your security in
> > such a heinous manner.
Well Carrie.... yes and no.... if Mr. BadGuy get's in and types something
like....
"rm /bin/su" then you might find yourself locked out of your own box..
as mentioned in another post here the openssh package from
http://pkg.nl.cobalt.com/ will allow root logins by default... I recently
took advantage of this in the process of cleaning up a box and kicking
"them" out.
very very helpfull!
> By default, when you install the OpenSSH pkg from Cobalt.nl onto a Raq3i
> 4i, root can login (SSH Telnet) on either, and, root can sftp on a 3i.
> My question was why you could sftp as root on the 3i and not on the 4i.
I would suggest you look for diffrences in the two boxes... The package
works the same in both places.... (tested)
Zeffie
http://www.zeffie.com/