SSH hacked?

[Mark Haney]

Chris G wrote:

>>
> It's one of the reasons I don't use sudo (no one has any sudo
> privileges) on my system.  I also have ssh root access disabled.
> 
> So, to get root access, an attacker using ssh has to first guess my
> (or another user) password and then guess the root password.
> 
> (In addition ssh is only allowed from a few IP addresses but that's
> irrelevant to my comment above)
> 

So basically, you have a typical secure linux setup, where to do any
thing with root, you have to log in as root?

For me, that's the most secure method of managing a system.  Granted, it
isn't the most /convenient/ at times, but that's a sacrifice I'm willing
to make on the internet facing systems I have to manage.



-- 
Frustra laborant quotquot se calculationibus fatigant pro inventione
quadraturae circuli

Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415

Call (866) ERC-7110 for after hours support