Maarek Stele wrote:
First reason as I've seen online and from my server logs, root is the primary account automated scripts try to break in through. Before adding additional security measures to block these scripts and free up bandwidth, my server logs were in the 10s of thousands with these types of hits. Sure I'm using SSH which Greatly slows down the automation of the attack, but the whole findings end up annoying, I would trace hits from Guatemala, China, Russia, Middle East, and even parts of the US. And that's about it. Nothing more I can do in return without repercussions.
The Second part of not activating the root user is simple. If you want to be in the command line as "the" admin, just type [b]su[/b]. you'll be at a # sign after the password and you won't need the sudo option for the server maintenance you are preforming.
I totally disagree. If you feel unsafe on your server for the root user, just disable the remote login as root (besides, that is the right thing to do).
And about the "su" command, you can't do that on Ubuntu as the root user is disabled! There is no password for it ;)
First thing I do on sudo based systems:
To get the root user back.
Using sudo is getting another program with the suid bit which is a security flaw as well. The less programs you have with that bit the better.
What else? Using sudo is getting the admin security to a user's password level... safer than having a safe password for root? I guess not ;)
Naaaahh, using sudo is a bad idea security wise IMHO