[ale] I was hacked!
Derek Atkins
derek at ihtfp.com
Mon Nov 4 15:53:17 EST 2019
Hi,
On Mon, November 4, 2019 3:47 pm, dj-pfulio via Ale wrote:
>
>> The new server will not allow password access to ssh. Only allow ssh
>> keys. There are only 3 users on this machine and I'm the only one who
>> would know what to do with root access, so I'll have sudo permission and
>> no one else.
>
> Why allow remote root at all? That's like giving up 50% of the guessing
> for credentials.
> We always ssh in using keys and normal user accounts, then use sudo.
>
> I cannot remember the last time I remoted into any machine using root
> directly. Perhaps 2006? First thing I do on any new machine is add an
> account with sudo rights.
I don't see the operational difference between ssh'ing into root (using a
key) and ssh'ing into another account using a key and then sudo'ing to
root. You're still getting into the machine via a key?
-derek
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
More information about the Ale
mailing list