[nycbug-talk] A couple of security related questions

[Kevin Reiter]

: I want to disable su - via ssh totally, I only want to allow su -
: toor when logged in via ssh. Root should be allowed only at console, and
: toor should be used via ssh

/etc/login.access can be configured to allow or disallow logins from the
console, sessions, etc.

: Linux for the most part will allow you to login as root via ssh

I can't speak for all distros, since I mainly deal with Slackware and Debian
(both of which specifically do not allow root to login directly via SSH).
On Linux, SSH access can be configured by editing /etc/sshd.conf but in BSD
it's a bit different (see above.)

You might also want to check to see if "sudo" has been installed, and if so,
which users (if any) are allowed to do sudo commands, which would
effectively bypass users needing to su to root/toor to do anything major on
the box via a session of any type.