On Fri, 4 Jan 2008 17:55:49 -0800 (PST)
riley.marquis(a)tcsresearch.org wrote:
It appears as if I have fallen behind the times in terms of Linux
security. I apologize for not keeping up. =)
No worries. ;)
I'd like to take a moment to ask a few questions so that I can better
understand the reasoning behind certain changes being a bad idea, and
thus become more knowledgeable.
2: /etc/ssh/sshd_config change
In regards to changing PermitRootLogin to no, we'd obviously need a
regular user account to login to, then su to root. Thus, even one who
has the root account and password would need a regular user name and
password before the root account would do him any good. However,
perhaps there is a downside to this as well? Or perhaps we don't
change any defaults from upstream OpenSSH unless absolutely
necessary? I'm sure there are those who want to login as root, and
those who don't. Just curious about the reasoning...
Well, as you say, you need to make sure we force the user to make a
regular account first, currently thats not being done. You can do a new
install and not create a user account.
I find root ssh login handy for a number of reasons:
- You can have some family member or friend who trusts you to fix their
linux install allow your ssh key to login as root, then you never need
to know any passwords on their system or have a useless normal account
there.
- It's nice to be able to do for automated tasks (like say installing a
single new package on 20 machines without having to login and sudo on
each).
I wouldn't be opposed to disabling it if it was possible to re-enable
for folks who wanted it and we made sure there was always a way to get
in via a user account. We just basically need to make sure everything
is in place before doing anything like disabling root logins.
In regards to the GCC lockdowns, it was my understanding that
sometimes hackers use our own compilers against us by logging in as a
normal user, using gcc to build their hacktools, and then using the
built tools to compromise root. Is this something that is no longer
done? Just curious.
Sure, but disabling compiling for all the legit users is a bit like
throwing out the baby with the bathwater.
Thanks in advance!
Riley
kevin