Re: SSH hacked?



On Thu, Jan 15, 2009 at 08:21:48AM -0500, Mark Haney wrote:
Res wrote:


I fail to see how that's incorrect, then? I occasionally see attempts
to break in with root, but not that often. That wasn't really my point.
The point is that not allowing ANY privileged account login access via
any method effectively makes breaking in with them impossible. This is

Breaking in with them perhaps, but what if they get in under a user, a
user that happens to be auth'd to su/sudo/whatever, never be complacent
about possible threats.

Of course, I do not dispute that. I'm talking about limiting the number
of possible attack vectors. Hacking root gives a hacker full rights.
Exploiting a user account still means the hacker has find a way to get
root privileges. Granted if that user has sudo rights, that's just as
bad, but not every user account has that right, so it's not a guarantee.

It's one of the reasons I don't use sudo (no one has any sudo
privileges) on my system. I also have ssh root access disabled.

So, to get root access, an attacker using ssh has to first guess my
(or another user) password and then guess the root password.

(In addition ssh is only allowed from a few IP addresses but that's
irrelevant to my comment above)

--
Chris Green

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users



Relevant Pages

  • Re: Choosing a distribution
    ... 'sudo bash' where I haven't had a proper root account to work with. ... cracked and hence give the intruder root access. ...
    (Ubuntu)
  • Re: Is OpenSSH 3.5p1 secure?
    ... Do not allow root access over ssh. ... Do allow access over ssh for one and only one user. ... NOTHING is perfectly secure. ...
    (comp.security.ssh)
  • Re: shell script automatically logging in...
    ... |> | I'm new at shell scripting and don't really have the time to learn it ... |> | ...Now logged in as root ... | suiting this needs - even changed my sudo editor in the process :-), ... feeding the password into the SSH client. ...
    (comp.os.linux.development.system)
  • Re: rsync as root without ssh as root
    ... Since I keep my backups offsite, I'd much rather also do the backup via ssh. ... root without using a root login. ... Use the --rsync-path option to specify a sudo wrapper. ... That works if everything you copy is readable, but if you're going to copy read-only files you're going to need to invoke rsync as root. ...
    (comp.unix.shell)
  • Re: Ubuntu root password
    ... from GNU su. ... remote users can't log in as root. ... :> commands with sudo, so you are protected from yourself. ... single-command ssh key). ...
    (uk.comp.os.linux)