On Tue, 25 Oct 2005, Michael A. Peters wrote:
On Mon, 2005-10-24 at 20:53 -0700, Joel Jaeggli wrote:
On Tue, 25 Oct 2005, Danny Terweij - Net Tuning | Net wrote:
From: "Michael A. Peters" <mpeters@xxxxxxx>
As you have already realized, it is generally not safe to allow ssh
access for root. In fact, Fedora by default does not allow root to have
ssh access.
Ask yourself why is is not safe to ssh to root?
It's a known user ID on a system, and an incredibly powerful one.
No one will have root access that doesn't have a regular user account as
well, therefore, forcing remote root users to first log in as their
regular user and then su to root prevents a known username that happens
to be all powerful from being bute-forced.
no-one is brute-forcing my ssh dsa private key. by that measure alone,
allowing ssh isn't unsafe at all. if you want to require it for root, set:
PermitRootLogin without-password
no password attacks against root will ever work again.
Furthermore, if you ssh in as root - there is no accountability.
Sure there is. That depends on what logging you choose to do and where.
We do process accounting, and centralized syslogging so our syslog hosts
have a pretty good audit-trail for what goes on on our hosts.
If you ssh in as a user and then su to root, that action is recorded in
the log files - and you know who logged into root and when.
And you log which key was used to know as well. If
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja@xxxxxxxxxxxxxxxxxxxx
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2