Re: SSH Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2005-12-10 at 16:35, wwp wrote:
> Hello Scot,
> 
> 
> On Tue, 06 Dec 2005 21:15:04 -0500 "Scot L. Harris" <webid@xxxxxxxxxx> wrote:

> > Key based authentication is the right way to go.  You should disable
> > root ssh access completely.
> 
> BTW, is there a way to make ssh allowing root access from a specific
> interface (local for instance) and denying it from other ones (external)?

I believe that can be done.  However I would not recommend that.  It is
always better to have someone login as themselves then su - or use sudo
to get elevated privileges.  You then have an audit trail of who used
root plus they would have to break a standard user account then the root
account.

If you go that route it just complicates your setup and if an error is
made you could leave root open on an external interface.  Much simpler
and safer to deny root access completely.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux