[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh



On Monday 16 May 2005 16:43, you wrote:
> On Mon, 16 May 2005 23:25:29 +0300, Kaj Mdkinen <kaj_(_dot_)_makinen_(_at_)_gmx_(_dot_)_net>
>
> wrote:
> >Is there any way to configure ssh to allow root access from private
> >network address.
> >and at the same time allow ssh-access from outside for other users (not
> >root) ?
>
> What part of the words "Do *NOT* login as root" have you failed to
> understand?

And who made you God? Using root may be a security risk in a number of 
environments, but certainly not something that cannot be done when 
appropriate. 

WHEN?!! You instantly ask, clearly with froth running down the face. Well 
let's see. I have a LAN which is used to test configurations, pf.conf and so 
on. It does not have WAN access. The few of us who have physical access to 
that rack, trust each other. When we modify something on that LAN box I only 
use root.

Sure, most situations can be said to have a *potential* liability.

But, putting up some shitty attitude does not exactly educate people either. 
And even if, it's still everyones prerogative to do so if they decide to.

Just because you *might* know more than others, you feel you *need* to hit 
some poor guy who's not familiar with security. You may feel good spitting it 
out, but it's no help to anyone. 

Robotic education is not education either. You can train a dog that way, but 
few humans will do well with it. Understanding is the key word. 

Oh, some unnamed people here have a four letter word in every sentence when 
they feel like it. They are nicely justified too. 

Still, that kind of attitude only makes the perpetrator look bad. And helped 
no one.


-- 

Steve Szmidt

"They that would give up essential liberty for temporary safety 
deserve neither liberty nor safety."
                                Benjamin Franklin



Visit your host, monkey.org