RE: [j-nsp] On the Junipers you can ssh as root.

From: Daniel Golding (dan@netrail.net)
Date: Wed Mar 21 2001 - 12:45:01 EST


There are very good reasons to NOT have this ability (or to make it a knob
that can be turned on or off).

1) Some operations in the shell must be performed as root
2) There is no way to properly account for root access on a Juniper, UNLESS
you are forced to Radius authenticate with your own username, then either
sudo, or su to root.
3) I can't think of too many good reasons to do anything as root. Sudo is
much better operational practice.

- Daniel Golding

> -----Original Message-----
> From: Randy Bush [mailto:randy@psg.com]
> Sent: Wednesday, March 21, 2001 10:14 AM
> To: Josh Joiner
> Cc: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] On the Junipers you can ssh as root.
>
>
> > I have put in a request for them to fix this but they do not
> seem to think
> > this is a big deal!
>
> it is a big deal. please leave it.
>
> randy
>



This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:41 EDT