From: Martin (martinmediax.com)
Date: Thu Feb 01 2001 - 16:01:04 CST


    James Ponder wrote:

    > As pointed out to me, there are mechanisms such as s/key that could be used,
    > but that is a real effort to most people. Plus, you could have many
    > different root passwords, but again, that is a real effort to most people
    > too.

    A real effort is a better solution than logging in as root, especially
    with ssh1. It might not be so bad to log in as root with ssh2.

    Also, what we're concerned with here is not handling the situation after
    being rooted; we're talking about avoiding being rooted.

    > So, in this situation, wouldn't ssh to root be better?

    No. If you want to be sure of security, you need to do some things:

    Filter connections from places that shouldn't be connecting
    Disable all services you're not using
    Replace any insecure services you ARE using with services you aren't using
    Stay on top of advisories
    Run anything you can chroot
    Don't do stupid things

    In addition, you should probably allow for intrusion detection, or at
    least rooting detection, like tripwire. A smart kiddie (or pro) will
    know to disable it, but it can help save you from the boneheads.