I work with a company that has about five servers and multiple services for which we have dedicated usernames. I usually log in as root and then use 'su' to switch to the user I need. This setup is easier for me since my public key is stored in the '.ssh' folder under '/root', but I know this isn't considered best practice. Have any of you encountered issues with this method?
5 Answers
I’ve read that it’s even disabled by default on systems like FreeBSD. You should log in as a regular user and only use 'su' to get root access when necessary. It's just a safer method overall.
It sounds a bit trollish, but yeah, logging in as root is a bad idea. Best practice is to have every user act under their own authentication. This way, you maintain accountability, and it reduces the risk of accidental mistakes that could lead to data loss or system breaches.
If you insist on rooting for root access, at least make sure you have good security controls in place, like 2FA and solid firewall rules. But even then, I wouldn't recommend it. Better to stick to separate user accounts with SSH keys for secure access, and only escalate when truly needed.
It's definitely not a good idea to allow remote root logins. Instead, you should consider prohibiting it in your SSH settings. If you're really in a bind, use 'su -' to switch to root after logging in with a personal account. This keeps things secure and organized, as each user's actions remain auditable.
Right! Adding this to your '/etc/ssh/sshd_config' can help:
`PermitRootLogin no`
`PasswordAuthentication no`
`PubkeyAuthentication yes`
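An added example, not part of the thread: a small check that a config file really ends up with the three settings above, since sshd keeps the first value it reads for a keyword and treats anything after a `Match` line as conditional, so a `PermitRootLogin no` appended at the bottom can silently have no effect. The function names `effective_value` and `audit_sshd` and the sample config are constructed for this example; the fallback values are upstream OpenSSH defaults.

```shell
#!/bin/sh
# Added example. Reports the value sshd would use globally for a keyword.
# Modelled rules: keywords are case-insensitive, the first value read for
# a keyword wins, and lines after a "Match" line are conditional.
# Not modelled: Include files and Match overrides; values are lowercased
# for comparison (a simplification made by this example).

# effective_value FILE KEYWORD DEFAULT -> prints the global value
effective_value() {
    awk -v want="$2" -v def="$3" '
        BEGIN { want = tolower(want); val = def }
        { sub(/^[ \t]+/, "") }                      # drop indentation
        /^#/ || /^$/ { next }                       # skip comments and blanks
        tolower($1) == "match" { exit }             # global section ends here
        tolower($1) == want { val = tolower($2); exit }   # first value wins
        END { print val }
    ' "$1"
}

# audit_sshd FILE -> one line per setting; returns 1 if any check fails
audit_sshd() {
    rc=0
    # keyword:wanted:default (defaults are upstream OpenSSH's)
    for check in permitrootlogin:no:prohibit-password \
                 passwordauthentication:no:yes pubkeyauthentication:yes:yes; do
        key=${check%%:*}; rest=${check#*:}
        want=${rest%%:*}; def=${rest#*:}
        got=$(effective_value "$1" "$key" "$def")
        if [ "$got" = "$want" ]; then echo "ok   $key $got"
        else echo "FAIL $key $got (want $want)"; rc=1; fi
    done
    return $rc
}

# Constructed sample config: the later "PermitRootLogin no" never applies.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
#PermitRootLogin prohibit-password
permitrootlogin yes
PasswordAuthentication no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
EOF
audit_sshd "$sample" || echo "hardening incomplete"
```

On a live host, `sshd -T` prints the configuration sshd actually resolves, including `Include` files, and is the authoritative check.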
Short answer: No.
Long answer: Absolutely not! It's generally a huge security risk to log in as root for several reasons. Firstly, 'root' is a well-known username, making it a prime target for attacks. Plus, if multiple admins are logging in as root, you lose accountability since you can't tell who did what. It’s much safer to log in with individual accounts and use 'sudo' for tasks that require higher privileges.
Right? It's a risk that’s just not worth taking.