not sure how to set this up, but it seems a desirable set of access control settings:
root account fundamentally has no password (so nothing to remember, nothing to forget).
login as root at console, permitted (no password). (if an attacker has physical access, a password won't stop them.)
su from unprivileged user, forbidden.
sudo bash or sudo su from user on sudoers, permitted.
ssh to root with password authentication, forbidden.
ssh to root with public-key authentication, permitted. (also, similar mechanisms like Kerberos.)
No comments :
Post a Comment