Re: Things Linux Can Do Without
- From: "Robert M. Riches Jr." <spamtrap42@xxxxxxxxxxx>
- Date: Sat, 31 May 2008 22:09:55 GMT
On 2008-05-31, Rahul <nospam@xxxxxxxxxxxxxxx> wrote:
> Ignoramus23731 <ignoramus23731@xxxxxxxxxxxxxxxxxxxx> wrote in
> news:O6OdnW0ITvH63N3VnZ2dnUVZ_vzinZ2d@xxxxxxxxxxxx:
>
>> There is nothing wrong with this, but make sure to pick an unguessable
>> root password, for example h1b32pp2m33, disable logon of root via SSH
>> with password,
>>
>> The reason for this is there are thousands of machines connecting to
>> all SSH servers that they can find and trying to brute force guess
>> root password.
>
> How is this safer? I still need ssh to login as a normal user. Then I su to
> root. Couldn't the malicious robots do the same even with user account ssh
> access open?

The attacker would have to guess _both_ the normal user's
username and the password. With "root", the attacker
already knows the username. It adds a few bits worth of
security by obscurity, but it's not very many bits.
HTH
--
Robert Riches
spamtrap42@xxxxxxxxxxx
(Yes, that is one of my email addresses.)
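
Added example, not part of the original post: a small audit of `sshd_config` text that reports whether the `password` method is open to root, the setting the quoted advice says to disable. The function names and sample configs are constructed for illustration, and the assumed defaults are those of OpenSSH 7.0 and later.

```python
# Added example: audit sshd_config text for password-based root login.
# Assumed defaults: OpenSSH 7.0 and later. Pass other defaults for older servers.
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}


def effective_settings(config_text, defaults=DEFAULTS):
    """Return the global value of each keyword listed in `defaults`.

    sshd uses the first value it obtains for a keyword, so later duplicates
    are ignored. Parsing stops at the first Match block: conditional
    overrides are not evaluated (a simplification of this example).
    """
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break
        if keyword in defaults and keyword not in found and len(parts) == 2:
            found[keyword] = parts[1]
    return {**defaults, **found}


def root_password_login_allowed(config_text, defaults=DEFAULTS):
    """True if the `password` method is open to root.

    Keyboard-interactive (PAM) authentication is not examined here.
    """
    s = effective_settings(config_text, defaults)
    return s["permitrootlogin"] == "yes" and s["passwordauthentication"] == "yes"


# Constructed sample configurations.
WEAK = "PermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = (
    "# root may use keys only\n"
    "permitrootlogin prohibit-password\n"
    "PermitRootLogin yes\n"  # later duplicate, ignored by first-match rule
    "Match Address 10.0.0.0/8\n"
    "    PermitRootLogin yes\n"  # inside Match, not evaluated here
)

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, "root password login allowed:", root_password_login_allowed(text))
```
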