Help: Unable to change to SU through SSH
Kevin Kinsey
kdk at daleco.biz
Sat May 13 09:24:49 PDT 2006
John.Dickinson at nominet.org.uk wrote:
>
> I would recommend that you dont create an admin user. Create normal user
> accounts named after the user who will be logging in. Add users who will
> need to be able to do admin tasks to the wheel group. Then install sudo
> and configure it to allow users in the wheel group to run commands as
> root.
>
The reason this is a Good Thing(tm): a large number of "in the wild"
exploit scripts/bots/programs already attempt to use a "admin" username
in their attempts to break your security (also, 'root', 'administrator',
'webmaster', 'bob', 'joe', 'fred', 'test', etc.).
I've yet to see one that tries to log in as "manjee", though, unless
it has parsed the username as part of an e-mail address in a web site
or server error page. In e-mail, "aliases" to actual user accounts
should rule the day.
Kevin Kinsey
--
It is through symbols that man consciously or unconsciously
lives, works and has his being.
-- Thomas Carlyle
More information about the freebsd-questions
mailing list