Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-23 months agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square62fedilinkarrow-up171arrow-down14file-text
arrow-up167arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-23 months agomessage-square62fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squareWheelchairArtist@lemmy.worldlinkfedilinkarrow-up3·3 months agothat’s why root owns my .bash* stuff
minus-squareSavvyWolf@pawb.sociallinkfedilinkEnglisharrow-up1arrow-down1·3 months agoI don’t think that actually works; the attacker could just remove .bashrc and create a new file with the same name.
minus-square2ndSkin@sh.itjust.workslinkfedilinkarrow-up5·3 months agoIf the .bashrc is immutable, the attacker can’t remove it. That’s how it works.
minus-squareWheelchairArtist@lemmy.worldlinkfedilinkarrow-up2arrow-down1·3 months agoyou’re right. that’s something i wanted to look into. guess setfacl would do the trick?
that’s why root owns my .bash* stuff
I don’t think that actually works; the attacker could just remove .bashrc and create a new file with the same name.
If the .bashrc is immutable, the attacker can’t remove it.
That’s how it works.
you’re right. that’s something i wanted to look into. guess setfacl would do the trick?