On 01/12/2015 08:05 AM, P J P wrote:
> Again, issue being addressed is not of brute force attacks. But that
> of such attacks resulting in gaining 'root' access to remote machines.
> They are two distinct issues.

There still needs to be administrative access to the system, and the
most common implementation is by enabling 'sudo' on the non-privileged
account. So, in a sense you are both right: this feature is just a small
step rather than a security panacea, but it does bring real
improvements in several areas:
- increases difficulty of the attack by banning stupid automated BF
attacks on root
- improves accountability for administrative actions (we know which
admin messed up :)
- allows more granularity in granting elevated privileges across a set
of machines and admins