[plug] Linux security idea - maybe

Craig Ringer craig at postnewspapers.com.au
Fri Jun 13 00:17:21 WST 2003


> Delete *both* root passwords and have the ssh2 public key from a 
> seldom-used user on (an)other machine(s) in /root/.ssh/authorized_keys. 
> If you lose network, you can always use the init=/bin/bash option from 
> the console anyway. (-: You did password LILO, didn't you? :-)

... or log in as a normal user, then "ssh -p 2222 root@localhost" . Why 
2222? Because you've got to be NUTS to run an sshd that allows root 
login accessible to the rest of the world IMHO. If it's an additional 
sshd instance on a high port, it can be firewalled off properly.

A lilo password does FA good unless you also set a supervisor password 
in the BIOS and set the machine to only boot off your normal boot device 
(no floppy, no CD, etc). Otherwise, a quick bit of bootable removable 
media and all your security goes away.

That said, I don't lock all my machines down quite like this. My home 
box isn't hardened to anywhere near this extent, for example. In fact, 
I've never totally disabled the root account. OTOH, I do tend to 
entirely forget the passwords to accounts on remote machines, since my 
ssh key is all I ever need - the password is kept in a gpg-encrypted 
file, just in case.

Craig Ringer
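
The layout described above (a public sshd that refuses root, plus a second instance on port 2222 used only for root), as an added example that is not part of the original post: a Python check over the two instances' sshd_config text. The sample configs, the loopback-only ListenAddress (the post only says to firewall the port) and key-only root login are assumptions.

```python
import ipaddress

PUBLIC_SSHD = "Port 22\nPermitRootLogin no\n"  # constructed samples, not from the post
ROOT_SSHD = """\
Port 2222
ListenAddress 127.0.0.1
ListenAddress [::1]:2222
PermitRootLogin prohibit-password
"""
REPEATABLE = {"port", "listenaddress"}  # keywords sshd accepts more than once

def parse(text):
    """Global section of an sshd_config; for other keywords the first value wins."""
    cfg = {}
    for line in map(str.strip, text.splitlines()):
        parts = line.split(None, 1)
        if len(parts) < 2 or line.startswith("#"):
            continue
        if parts[0].lower() == "match":   # stop before conditional blocks
            break
        key, value = parts[0].lower(), parts[1].strip()
        values = cfg.setdefault(key, [])
        if key in REPEATABLE or not values:
            values.append(value)
    return cfg

def is_loopback(listen):
    """True if a ListenAddress value (addr, addr:port or [addr]:port) is loopback."""
    host = listen[1:].partition("]")[0] if listen.startswith("[") else listen
    if host.count(":") == 1:              # IPv4 or hostname with a :port suffix
        host = host.split(":")[0]
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host.lower() == "localhost"

def audit(public_text, root_text):
    """Return a list of deviations from the two-instance layout."""
    pub, root = parse(public_text), parse(root_text)
    findings = []
    # Current OpenSSH defaults to prohibit-password, so "no" has to be explicit.
    if pub.get("permitrootlogin", [""])[0].lower() != "no":
        findings.append("public sshd does not set PermitRootLogin no")
    listen = root.get("listenaddress", [])  # unset means every address
    if not listen or not all(map(is_loopback, listen)):
        findings.append("root sshd listens beyond loopback")
    if root.get("permitrootlogin", [""])[0].lower() not in ("prohibit-password", "without-password"):
        findings.append("root sshd does not limit root to key logins")
    return findings
```

Calling audit(PUBLIC_SSHD, ROOT_SSHD) returns an empty list; Match blocks are deliberately not evaluated, so settings overridden there are not seen.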


