Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-29 days agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square81fedilinkarrow-up1104arrow-down14file-text
arrow-up1100arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-29 days agomessage-square81fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squaregrrgyle@slrpnk.netlinkfedilinkarrow-up1·8 days agoMaybe if you escaped the command like \\type sudo?
minus-squaresludgewife@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up2·8 days agono, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
minus-squarecatloaf@lemm.eelinkfedilinkEnglisharrow-up1·8 days agoYou assume the shell isn’t compromised.
Maybe if you escaped the command like
\\type sudo?no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
You assume the shell isn’t compromised.