How do I gracefully exit/shutdown a "remote" machine?
Henry Spencer
henry-lqW1N6Cllo0sV2N9l4h3zg at public.gmane.org
Wed Jul 20 21:53:32 UTC 2005
On Wed, 20 Jul 2005, CLIFFORD ILKAY wrote:
> > ...direct root login can be very convenient for administering
> > machines on a seriously-private network, but...
>
> I disable remote root access on all my machines. How about disallowing
> password auth completely and only allowing key based auth?
Crypto authentication -- of both machines and users -- is definitely the
way to go if you're going to allow direct root login, and there is much to
be said for it in general.
(Knowing the root password on my secondary machines wouldn't help you,
because it doesn't get you in. Either the machine already knows who a
remote user is and where he's calling from, by crypto authentication, and
thus doesn't need to ask for a password, or it doesn't know, and will
reject the connection without ever prompting for a password.)
Henry Spencer
henry-lqW1N6Cllo0sV2N9l4h3zg at public.gmane.org
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list