When to Run a Remote Login Server | Advanced Linux Networking

The principal reason for running a remote login server is to let users run arbitrary text-based programs from other computers. You might want to make the computer accessible from distant locations ( potentially even somewhere on the other side of the planet), or to allow several people to log in and use the system simultaneously . A single Linux computer can support anywhere from one to thousands of simultaneous users, depending upon the programs they run and the hardware used in the computer. As a general rule of thumb, a user load in the dozens on reasonably modern hardware is probably not excessive, so long as users don't need to use extremely resource- intensive programs.

WARNING

Remote login servers are unusually sensitive from a security point of view. If a miscreant somehow obtains a username and password for a computer that runs only, say, a Post Office Protocol (POP) server, and if the POP server has no security flaws, the miscreant won't be able to do serious harm to the computer. Of course, the e-mail the miscreant might read could be sensitive, but in terms of harm to the computer, the impact is minimal. With remote login access, though, the miscreant has the opportunity to exploit any bugs or flaws that might exist in dozens or hundreds of other programs, and thus do serious damage. For this reason, it's particularly important that you configure your remote login servers carefully , and diligently guard the passwords for computers that run such servers. If you aren't using a remote login server on a computer, you should disable it, even if you're using other remote login servers.