[plug] Linux security idea - maybe
Craig Ringer
craig at postnewspapers.com.au
Fri Jun 13 00:17:21 WST 2003
> Delete *both* root passwords and have the ssh2 public key from a
> seldom-used user on (an)other machine(s) in /root/.ssh/authorized_keys.
> If you lose network, you can always use the init=/bin/bash option from
> the console anyway. (-: You did password LILO, didn't you? :-)
... or log in as a normal user, then "ssh -p 2222 root at localhost" . Why
2222? Because you've got to be NUTS to run an sshd that allows root
login accessable to the rest of the world IMHO. If it's an additional
sshd instance on a high port, it can be firewalled off properly.
A lilo password does FA good unless you also set a supervisor password
in the BIOS and set the machine to only boot off your normal boot device
(no floppy, no CD, etc). Otherwise, a quick bit of bootable removable
media and all your security goes away.
That said, I don't lock all my machines down quite like this. My home
box isn't hardened to anywhere near this extent, for example. In fact,
I've never totally disabled the root account. OTOH, I do tend to
entirely forget the passwords to accounts on remote machines, since my
ssh key is all I ever need - the password is kept in a gpg-encrypted
file, just in case.
Craig Ringer
More information about the plug
mailing list