Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:SSH as root (Score 1) 391

I find it hard to believe that the folks whining (I'm sorry, "bitching") about sudo usage are sysadmins on servers, and certainly not servers that are depended on by others. This policy is a good idea on any system that you can access remotely (thus making it a "server"). Running an internet connected server like a five year old is selfish and it should not be a surprise that it is discouraged.

Presumably when doing system operations, you will do as little as root as possible. Therefore sudo is not much of an inconvenience. Yes, you could prepend a destructive command with sudo, but you would have to be twice as stupid.

If remote root logins are disabled, then you cannot (remotely) guess the root password.

Comment Re:SSH as root (Score 1) 391

I read your post as:

"I am so good, and so careful, I would never, ever make a mistake as root."

Good luck to you on production servers, and may your employer and clients have mercy on your soul.

Look, admit it: running commands as root is a convenience for you, and you are willing to make the obvious tradeoff in stability and security. But don't imply that others are as gifted as you are in avoiding simple mistakes that are catastrophic as root.

Comment SSH as root (Score 1) 391

This touches on another point, that is being "root" at any time other than sysinstall. FreeBSD has never (by default) allowed root logins via SSH, and I will always contend that is a "good thing". If you access a system via SSH, it is a server. If you are on a shell session on a server, you should NEVER be root-- that's what sudo is for.

If you whine about this, you are indeed a poor sysadmin. It reminds me of my friend who habitually texts while driving. "But I have never been in an accident," he says. How selfish, putting his convenience above the safety of those around him.

Comment Tunnel SOCKS through SSH? (Score 3, Interesting) 118

I found that when a client of mine connected via SSH to a well connected server (Equinix/Ashburn), they could use the SOCKS setting in Firefox (connecting to localhost since that's what their SSH client listened to) to tunnel all of their traffic with no problem. Note: this was a Mac, up to date as of last year when we tried this.

Sure enough, one day the tunneling stopped working! We changed the port used by SSH to 443, and it worked just fine after that.

Slashdot Top Deals

God made machine language; all the rest is the work of man.