root login
Sam Hartman
hartmans at MIT.EDU
Tue May 7 22:52:53 EDT 2002
>>>>> "Sylvain" == Sylvain Robitaille <syl at alcor.concordia.ca> writes:
Sylvain> Consider first, why you *don't* want to do that: login
Sylvain> (or login.krb5) is not called only by getty. Ideally
Sylvain> you'd login as a non-root user and then *become* root
Sylvain> with su, (or use sudo, or whatever is appropriate to your
Sylvain> site policy).
You're probably just as happy logging in as root using ssh or
encrypted rlogin using a root instance; you get the same auditing as
with ksu and don't have to have user accounts on trusted servers.
More information about the Kerberos
mailing list