SSH hacked?
Mark Haney
mhaney at ercbroadband.org
Thu Jan 15 14:31:32 UTC 2009
Chris G wrote:
>>
> It's one of the reasons I don't use sudo (no one has any sudo
> privileges) on my system. I also have ssh root access disabled.
>
> So, to get root access, an attacker using ssh has to first guess my
> (or another user) password and then guess the root password.
>
> (In addition ssh is only allowed from a few IP addresses but that's
> irrelevant to my comment above)
>
So basically, you have a typical secure linux setup, where to do any
thing with root, you have to log in as root?
For me, that's the most secure method of managing a system. Granted, it
isn't the most /convenient/ at times, but that's a sacrifice I'm willing
to make on the internet facing systems I have to manage.
--
Frustra laborant quotquot se calculationibus fatigant pro inventione
quadraturae circuli
Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415
Call (866) ERC-7110 for after hours support
More information about the ubuntu-users
mailing list