Re: how to react on ssh attacks?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2005-10-24 at 20:53 -0700, Joel Jaeggli wrote:
> On Tue, 25 Oct 2005, Danny Terweij - Net Tuning | Net wrote:
> 
> > From: "Michael A. Peters" <mpeters@xxxxxxx>
> >
> >>> As you have already realized, it is generally not safe to allow ssh
> >>> access for root.  In fact, Fedora by default does not allow root to have
> >>> ssh access.
> 
> Ask yourself why is is not safe to ssh to root?

It's a known user ID on a system, and an incredibly powerful one.
No one will have root access that doesn't have a regular user account as
well, therefore, forcing remote root users to first log in as their
regular user and then su to root prevents a known username that happens
to be all powerful from being bute-forced.

Furthermore, if you ssh in as root - there is no accountability.
If you ssh in as a user and then su to root, that action is recorded in
the log files - and you know who logged into root and when.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux