[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New 2.9 install questions...
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: New 2.9 install questions...
- From: Steve Elkins <sgelkins_(_at_)_nortelnetworks_(_dot_)_com>
- Date: 15 Feb 2002 16:06:59 -0500
Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de> writes:
> On Fri, Feb 15, 2002 at 03:01:55PM -0500, Eric LeBlanc wrote:
> > > Don't log in as root. You should not do that anyway.
> > >
> > Why?
> > Which difference between (in physical machine, not by telnet or ssh or
> > wathever)
> [login as root ./. su'ing]
> you should not do that either.
> If you need root access for a given task, get root access for _exactly this
> task_ via sudo.
And you can use syslog (see syslog.conf) to track *everything* done
via sudo. Nowadays the first things I do after booting a fresh
1. create an ordinary user account,
2. give it sudo privileges, and
3. turn on syslog for sudo.
The trail of breadcrumbs is very nice, but never logging in as root
means forgetting the root password. ;-)
Visit your host, monkey.org