Drink the sudo Kool-Aid

In the beginning, there was the simple root logon. The Admin elevated his privileges through this simple process and all was good. This state was excellent until it was neccessary to create more users to do the work of the Almighty Himself. So the wise admin fashioned the tool called “su” that made it easy to raise new admins into the House of Wheel. This state persisted until one of the Admin’s most trusted Support Techs committed a heinous sin believing he could achieve glory by compromising the main server. After terminating, this user and his followers the Admin set to work again to create a tool that would maintain harmony and stability for all of Creation. The product of His labor is called today “sudo”.

Alright, so I admit I login as root directly and su to root, otherwise. I’m gonna make an effort to use sudo exclusively. Just to show my dedication to the cause I commented out everything in /etc/securetty except for tty6 as a backup. If I ever hope to administer servers professionally making sudo habit is required. Might even go so far as to disable su also. Then for truly hardened servers the root password can be removed completely so the only way in is through sudo.