<p>But if you lock the root account you're hosed in emergency run level 1.<br>
Instead set securetty to only be local console and use sudo for all else.</p>
<div class="gmail_quote">On Sep 16, 2011 1:47 PM, "Michael B. Trausch" <<a href="mailto:mike@trausch.us">mike@trausch.us</a>> wrote:<br type="attribution">> On Mon, 2011-09-12 at 17:40 -0400, Bob Toxen wrote:<br>
>> Disabling root ssh and requiring one first to ssh in through another<br>>> account and su'ing or sudo'ing to root is not as effective as the<br>>> above solutions and may diminish security, in my opinion. <br>
> <br>> Okay, so I can understand why that would be the case for giving accounts<br>> access to su (but if you're doing that, then you haven't locked the<br>> password for the root user anyway), but sudo is a totally different<br>
> animal.<br>> <br>> What I do on all my systems these days is this:<br>> <br>> * I run "passwd -l root", so that root cannot login by any means<br>> (because its password is locked).<br>> <br>
> * I create a group for full system administrators (that is, people<br>> that can run "sudo -i" or "sudo -s" to the root user account).<br>> <br>> * If the system has subadministrators, I configure sudo for that.<br>
> For example, on a system that runs a phone system (say, FreeSWITCH),<br>> the phone system runs as a certain user. I'll create a group for<br>> people who are allowed to become that user, and then configure sudo<br>
> to enable people to change their uid to that user so that they can<br>> administer the phone system. Same goes for a Web administrator or<br>> DBA. Such people would, therefore, not allowed to become root<br>
> (because they have no need to do so).<br>> <br>> * If there are people who have to run single commands as root, I will<br>> configure sudo to enable them to do so (as long as it's not a command<br>
> that will spawn a subshell or something). All bets are off if it can<br>> spawn a subshell, of course, but as long as it is a well-behaved<br>> single-task program, it is usually fine.<br>> <br>> The sudo command can be used to create a very fine-grained system where<br>
> people can only gain access to the privileges that they need in order to<br>> get their work done. It _can_ take a little bit to engineer an<br>> appropriate configuration, but once that's done, sudo takes care of the<br>
> logging and all of that for you.<br>> <br>> There are even ways to make it possible to have fully functional system<br>> administrators that can do everything _except_ change the sudo<br>> configuration or certain items like system logs, though that is slightly<br>
> outside of the scope of sudo itself.<br>> <br>> All that to say that proper use of sudo significantly enhances system<br>> security, not the opposite.<br>> <br>> --- Mike<br>> <br>> -- <br>> A man who reasons deliberately, manages it better after studying Logic<br>
> than he could before, if he is sincere about it and has common sense.<br>> --- Carveth Read, “Logic”<br>> <br>> _______________________________________________<br>> Ale mailing list<br>
> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>> <a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a><br>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>> <a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a><br>
</div>