[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] I was hacked!

Subject: [ale] I was hacked!
From: derek at ihtfp.com (Derek Atkins)
Date: Mon, 4 Nov 2019 15:53:17 -0500
In-reply-to: <[email protected]>
References: <e6ab75e2.[email protected]> <[email protected]>

Hi,

On Mon, November 4, 2019 3:47 pm, dj-pfulio via Ale wrote:
>
>> The new server will not allow password access to ssh.? Only allow ssh
>> keys.? There are only 3 users on this machine and I'm the only one who
>> would know what to do with root access, so I'll have sudo permission and
>> no one else.
>
> Why allow remote root at all?  That's like giving up 50% of the guessing
> for credentials.
> We always ssh in using keys and normal user accounts, then use sudo.
>
> I cannot remember the last time I remoted into any machine using root
> directly. Perhaps 2006?  First thing I do on any new machine is add an
> account with sudo rights.

I don't see the operational difference between ssh'ing into root (using a
key) and ssh'ing into another account using a key and then sudo'ing to
root.  You're still getting into the machine via a key?

-derek

-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

Follow-Ups:
- [ale] I was hacked!
  - From: djpfulio at jdpfu.com (dj-pfulio)

References:
- [ale] I was hacked!
  - From: jim at ezsched.us (Jim)
- [ale] I was hacked!
  - From: djpfulio at jdpfu.com (dj-pfulio)

Prev by Date: [ale] I was hacked!
Next by Date: [ale] I was hacked!
Previous by thread: [ale] I was hacked!
Next by thread: [ale] I was hacked!
Index(es):
- Date
- Thread