Posted by: Anonymous Coward
on March 30, 2007 07:49 PM
"It is wise to create a dummy local user with absolutely no rights on the system and use that user to login into SSH. That way no harm can be done if the user account is compromised. When creating this user, make sure it's in the wheel group, so that you can switch to superuser."
This maybe a stupid newbie question, but if the attacker gets the low level user's password, isn't that all he needs to use sudo and do what he wants with root access? Please correct me if I'm wrong...
Learn about Linux
Download Linux
Get Linux help
One question...
Posted by: Anonymous Coward on March 30, 2007 07:49 PMThis maybe a stupid newbie question, but if the attacker gets the low level user's password, isn't that all he needs to use sudo and do what he wants with root access? Please correct me if I'm wrong...
#