Showing posts from July, 2015

Should we use ‘sudo’ for day-to-day activities?

None of the systems I administer or supervise have ‘sudo’ installed and every time I answer a question on how to do privileged work on these systems (i.e. do tasks that require administrator privileges) with a proposal to SSH under the privileged account directly to do such a work whoever asked the question start to blabber how insecure that is, that one should use ‘sudo’ and that nobody should ever login directly as root.I've spent quite some time explaining the misconception behind so-called "secure way to access systems through sudo", so I decided to write up an article that describes the issues of using that approach and why using ‘sudo’ is actually less secure than a direct SSH access.