Re: SSH hacked?

On Thu, Jan 15, 2009 at 08:21:48AM -0500, Mark Haney wrote:
Res wrote:

I fail to see how that's incorrect, then? I occasionally see attempts
to break in with root, but not that often. That wasn't really my point.
The point is that not allowing ANY privileged account login access via
any method effectively makes breaking in with them impossible. This is

Breaking in with them perhaps, but what if they get in under a user, a
user that happens to be auth'd to su/sudo/whatever, never be complacent
about possible threats.

Of course, I do not dispute that. I'm talking about limiting the number
of possible attack vectors. Hacking root gives a hacker full rights.
Exploiting a user account still means the hacker has find a way to get
root privileges. Granted if that user has sudo rights, that's just as
bad, but not every user account has that right, so it's not a guarantee.

It's one of the reasons I don't use sudo (no one has any sudo
privileges) on my system. I also have ssh root access disabled.

So, to get root access, an attacker using ssh has to first guess my
(or another user) password and then guess the root password.

(In addition ssh is only allowed from a few IP addresses but that's
irrelevant to my comment above)

Chris Green

ubuntu-users mailing list
Modify settings or unsubscribe at:

Relevant Pages

  • Re: Choosing a distribution
    ... 'sudo bash' where I haven't had a proper root account to work with. ... cracked and hence give the intruder root access. ...
  • Re: Is OpenSSH 3.5p1 secure?
    ... Do not allow root access over ssh. ... Do allow access over ssh for one and only one user. ... NOTHING is perfectly secure. ...
  • Re: shell script automatically logging in...
    ... |> | I'm new at shell scripting and don't really have the time to learn it ... |> | ...Now logged in as root ... | suiting this needs - even changed my sudo editor in the process :-), ... feeding the password into the SSH client. ...
  • Re: rsync as root without ssh as root
    ... Since I keep my backups offsite, I'd much rather also do the backup via ssh. ... root without using a root login. ... Use the --rsync-path option to specify a sudo wrapper. ... That works if everything you copy is readable, but if you're going to copy read-only files you're going to need to invoke rsync as root. ...
  • Re: Is SSH worth it??
    ... Keep in mind you can now sniff SSH ... Because the network traffic in a ssh connection is strongly encrypted ... sudo is a lot more useful in such cases. ... without having to divulge the root password. ...