Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-21 year agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square38fedilinkarrow-up145arrow-down13file-text
arrow-up142arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-21 year agomessage-square38fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squarelordnikon@lemmy.worldlinkfedilinkEnglisharrow-up17arrow-down1·1 year agoYes it’s always better to login with a user and sudo so your commands are logged also having disable passwords for ssh but still using passwords for sudo gives you the best protection
minus-squareLemmchen@feddit.orglinkfedilinkEnglisharrow-up4·1 year agoSudo also allows for granular permissions of which commands are allowed and which aren’t.
minus-squaregrrgyle@slrpnk.netlinkfedilinkarrow-up3·edit-21 year agoAlso double check that sudo is the right command, by doing which sudo. Something I just learned to be paranoid of in this thread. Unless which is also compromised, my god…
Yes it’s always better to login with a user and sudo so your commands are logged also having disable passwords for ssh but still using passwords for sudo gives you the best protection
Sudo also allows for granular permissions of which commands are allowed and which aren’t.
Also double check that sudo is the right command, by doing
which sudo. Something I just learned to be paranoid of in this thread.Unless
whichis also compromised, my god…