how to react on ssh attacks?
Knute Johnson
knute at frazmtn.com
Tue Oct 25 17:58:14 UTC 2005
Anybody know where to find detailed instructions to set up login by
key only? Needs to be for a Linux blivet.
Thanks,
knute...
>On Mon, 2005-10-24 at 20:53 -0700, Joel Jaeggli wrote:
>> On Tue, 25 Oct 2005, Danny Terweij - Net Tuning | Net wrote:
>>
>> > From: "Michael A. Peters" <mpeters at mac.com>
>> >
>> >>> As you have already realized, it is generally not safe to allow
>> >>> ssh access for root. In fact, Fedora by default does not allow
>> >>> root to have ssh access.
>>
>> Ask yourself why is is not safe to ssh to root?
>
>It's a known user ID on a system, and an incredibly powerful one. No
>one will have root access that doesn't have a regular user account as
>well, therefore, forcing remote root users to first log in as their
>regular user and then su to root prevents a known username that
>happens to be all powerful from being bute-forced.
>
>Furthermore, if you ssh in as root - there is no accountability.
>If you ssh in as a user and then su to root, that action is recorded
>in the log files - and you know who logged into root and when.
>
>--
>fedora-list mailing list
>fedora-list at redhat.com
>To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
>
--
Knute Johnson
Molon Labe...
More information about the fedora-list
mailing list