[Triumf-linux-managers] FYI, SSH dictionary attacks ramping up
Konstantin Olchanski
olchansk at triumf.ca
Tue Dec 8 16:31:01 PST 2009
On Tue, Dec 08, 2009 at 04:00:13PM -0800, Andrew Daviel wrote:
> Mitigation:
> - in /etc/ssh/sshd_config, set "PermitRootLogin without-password"
> and get root ... with ... SSH with a key ...
There is one benefit to passworded ssh root logins - after
I erase ~root/.ssh/authorized_keys, I can be reasonably sure
that only people who know (or guess) the root password can
get into root.
If I permit root logins with ssh keys, root's security
becomes an honor system because there is no way to enforce
or even check that root's autorized_keys are passworded (never
mind checking that they have strong passwords).
If users use non-passworded ssh keys to get into root,
root security is reduced to the security of the user account (read: none).
--
Konstantin Olchanski
Data Acquisition Systems: The Bytes Must Flow!
Email: olchansk-at-triumf-dot-ca
Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
More information about the Triumf-linux-managers
mailing list