Quote:
Originally posted by toddler
you ssh as root?
|
Yep. Scary, isn't it? 80 production servers, no user accounts, PermitRootLogin = yes
FWIW, only a certain IP block can ssh to those hosts, and the only time we do is to do superuser functions anyway. I see no need to go and create 80 accounts who's sole functions will be to run "su".
Having a non-privileged user account will provide no extra layer of security.