Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-212 days agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square60fedilinkarrow-up171arrow-down14file-text
arrow-up167arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-212 days agomessage-square60fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squareSavvyWolf@pawb.sociallinkfedilinkEnglisharrow-up1arrow-down1·12 days agoI don’t think that actually works; the attacker could just remove .bashrc and create a new file with the same name.
minus-square2ndSkin@sh.itjust.workslinkfedilinkarrow-up5·12 days agoIf the .bashrc is immutable, the attacker can’t remove it. That’s how it works.
minus-squareWheelchairArtist@lemmy.worldlinkfedilinkarrow-up2arrow-down1·12 days agoyou’re right. that’s something i wanted to look into. guess setfacl would do the trick?
I don’t think that actually works; the attacker could just remove .bashrc and create a new file with the same name.
If the .bashrc is immutable, the attacker can’t remove it.
That’s how it works.
you’re right. that’s something i wanted to look into. guess setfacl would do the trick?