On Mon, Jul 14, 2014 at 3:18 PM, Sven Kieske <svenkieske at gmail.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 14.07.2014 18:34, Kevin Fenzi wrote:
>> FWIW, I find the idea of setting a non priv user on cloud images
>> like this a kind of strange security theater, but it seems everyone
>> is doing it now. ;(
> +1
>
> I'm really not getting this
> "oh we disable root for security
> but we enable a user (not called
> root) to run every command on the system
> with root privileges and without the need
> of a password"
>
> this is in no way safer than root access.

It can be. SSH key based access, and sudo, can be configured with
settings to insist that the commands come from the local host, that
they allow only specific commands with specific arguments, or even
that they be run through a validation tool such as the old
'validate-rsync.sh' script used by various rsync based backup tools.

It ain't perfect, but it profoundly limits the ease of deliberate or
accidental destruction.
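
The restrictions described in the reply above, as an added example that is not part of the original message and is not the validate-rsync.sh script itself: a forced-command validator that accepts only a read-only rsync server invocation under one directory. The script name, the `/srv/backup/` path, the `backup` account, the source address and the sudoers rule are all assumptions made for illustration.

```shell
#!/bin/sh
# Forced-command validator in the spirit of validate-rsync.sh (added example).
# authorized_keys entry that pins the key to one source host and to this
# script (address, path and key are constructed):
#   from="192.0.2.10",command="/usr/local/bin/validate-cmd.sh",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAA...constructed backup@example
# sudoers rule granting one command with fixed arguments (constructed):
#   backup ALL=(root) NOPASSWD: /usr/bin/systemctl restart backup-agent.service

BACKUP_ROOT=/srv/backup/   # assumption: the only tree this key may read

# Return 0 only for a read-only rsync server invocation under BACKUP_ROOT.
validate_command() {
    cmd=$1
    nl='
'
    case $cmd in
        # Empty means an interactive login; the rest are shell metacharacters,
        # quoting characters and parent-directory traversal.
        ''|*"$nl"*|*'&'*|*';'*|*'|'*|*'<'*|*'>'*|*'`'*|*'$'*|*'('*|*')'*) return 1 ;;
        *'\'*|*'"'*|*"'"*|*..*) return 1 ;;
    esac
    set -f              # split into words without glob expansion
    set -- $cmd
    set +f
    [ "$#" -eq 6 ] || return 1
    # rsync --server --sender <flags> . <path>: --sender means the server only sends
    [ "$1 $2 $3 $5" = 'rsync --server --sender .' ] || return 1
    case $4 in -[!-]*) ;; *) return 1 ;; esac   # one compact flag word
    case $6 in "$BACKUP_ROOT"*) return 0 ;; esac
    return 1
}

main() {
    if validate_command "${SSH_ORIGINAL_COMMAND:-}"; then
        set -f
        exec $SSH_ORIGINAL_COMMAND   # word splitting only, never eval
    fi
    echo "rejected: ${SSH_ORIGINAL_COMMAND:-interactive login}" >&2
    exit 1
}

# Run only when installed under the name used in authorized_keys above.
case ${0##*/} in validate-cmd.sh) main ;; esac
```

sshd places the command the client asked for in `SSH_ORIGINAL_COMMAND` and runs the `command=` script in its place, so a stolen key yields neither a shell nor a write path.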