by jfindley 4435 days ago
Requiring admins to ssh to a different, unique-to-them, user, and use sudo from there for any operations requiring root is much better.

It's far easier to audit what's been done to the server, which is important not just for compliance but also for figuring out why something's broken suddenly.

It also means that you get to have your own shell history, your own shell settings, your own vim settings, etc, etc.

In general, having proper deployment, log collection and config management tools in place tends to mean you rarely need to scp files around at all - and the cases when you do, you can work around this by scping them to some other dir, and moving them locally with a sudo command.

1 comment

...which is fine up until someone forgets to use visudo and buggers up the sudoers file so nobody can get back in to fix it.

A user login followed by su to root is a valid alternative, but I wouldn't have a problem with allowing key-only root access via sshd either.

You'd want the root key/password to be very tightly controlled for the reasons you mention, but having it set is (IMO) a worthwhile backup plan for when things go wrong.
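An added example, not part of either comment above: one way to avoid the broken-sudoers lockout the reply describes is to syntax-check a drop-in before it goes live. The function name `install_sudoers_dropin` and the `SUDOERS_CHECK` override are assumptions of this sketch; the default checker is the real `visudo -cf`.

```shell
#!/bin/sh
# Added example: validate a sudoers drop-in before it becomes live.
# SUDOERS_CHECK is an assumption of this example so the checker can be
# swapped out; by default it is the real `visudo -cf <file>` syntax check.
: "${SUDOERS_CHECK:=visudo -cf}"

# install_sudoers_dropin SRC DEST_DIR NAME
# Installs SRC as DEST_DIR/NAME (mode 0440) only if it parses cleanly.
# Returns 0 on success, 1 on copy or syntax failure, 2 on an unusable name.
install_sudoers_dropin() {
    src=$1 dest_dir=$2 name=$3

    # sudo skips files in an included directory whose names contain '.'
    # or end in '~', so such a drop-in would silently never apply.
    case $name in
        *.*|*~) echo "refusing '$name': sudo would ignore it" >&2; return 2 ;;
    esac

    # Stage inside the destination directory so the final rename is atomic.
    # The staged name contains '.', so sudo ignores it while it is checked.
    tmp=$(mktemp "$dest_dir/.stage.XXXXXX") || return 1
    cp "$src" "$tmp" && chmod 0440 "$tmp" || { rm -f "$tmp"; return 1; }

    # Syntax-check the staged copy; on failure nothing live has changed.
    if ! $SUDOERS_CHECK "$tmp" >/dev/null 2>&1; then
        echo "syntax check failed; live sudoers untouched" >&2
        rm -f "$tmp"
        return 1
    fi

    mv -f "$tmp" "$dest_dir/$name"
}

# Typical use, as root: install_sudoers_dropin ./admins /etc/sudoers.d admins
```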