Ubuntu server remote file access

Sat Sep 28 18:17:44 UTC 2013

On 09/27/2013 03:04 PM, Hal Burgiss wrote:
> On Fri, Sep 27, 2013 at 11:28 AM, Kent Borg <kentborg at borg.org 
> <mailto:kentborg at borg.org>> wrote:
>
>     On 09/27/2013 11:07 AM, Colin Law wrote:
>
>         I thought that if you used keys for authentication and have
>         disabled password access (as the OP has done), then ssh is
>         effectively unbreakable.
>
>
>     Yes, but now you have shifted the risk to a new location: your
>     private ssh key.
>
>
> The only way to avoid all risk is to unplug.

Oh, that settles the question.

>     How do you protect it?  I hope you have it encrypted, but what if
>     someone gets ahold of the encrypted key? 
>
>
> Huh? Private keys are encrypted. But if you have the key, you have the 
> key.

Yes, private keys are encrypted--if you encrypt them.  So if someone has 
your private key, they still need to break any encryption.

Earlier someone was worried that having an sshd port open was a big 
security risk.  Well, no, not if you have a good password.  Let them 
throw thousands of login attempts at you and it doesn't matter.  It does 
not matter: If you have a good password and you keep it secret, they 
won't guess it through the rate-limiting the ssh daemon does. Let them 
try.  It does not matter.

Yesterday one of the machines I run had 126 login attempts from an IP 
address held by some "ChinaCache North America, Inc", in Diamond Bar, 
California.  Doesn't bother me in the least.  They aren't going to get 
in that way.

If someone breaks into one of your machines by any route, and they find 
private keys sitting open or lightly encrypted, then you are letting 
them into other machines.  If these machines are of similar purpose and 
similar contents and similar management, that might be quite reasonable.

A key point is that an sshd password of a given length is much more 
secure that an encryption password of the same length.  In general, a 
password used for encryption has to be very long and high 
quality--assuming you care about your encryption.  Your data might not 
be very sensitive, in which case it is perfectly sensible to use a weak 
password.  It depends on what you are doing.

> What are we trying to protect, Fort Knox?

That is a key question.  What are you trying to protect and from whom?  
There are a lot of data breaches all the time because someone didn't ask 
that question and instead followed some rules-of-thumb s/he decided upon 
years ago and isn't thinking about.  This stuff is not easy or people 
wouldn't get it wrong *SO* often.

Blanket statements that ssh keys are more secure than ssh passwords are 
simply meaningless: it depends on what you are doing and where you put 
those keys and passwords.

> Simples precautions:
>
> 1. Use firewall based access where you can
> 2. Use something like fail2ban
> 3. Run ssh on non-standard port, if you are paranoid enough.
> 4. Run log monitoring software to know what's happening.

Generic advice.  You are leaving out two much more important items:

  1. Pick good passwords, passwords that have components determined by 
something actually random, not just passwords that seem obscrue to you.

  2. Keep your passwords secret--which means don't reuse them across 
sites.  This is the killer that most people will not do, they would 
rather worry about firewalls.

-kb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20130928/73f9ccc1/attachment.html>