Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.security.ssh > #241

Re: SSH intrusion in Fedora 16

From Bit Twister <BitTwister@mouse-potato.com>
Newsgroups comp.security.ssh
Subject Re: SSH intrusion in Fedora 16
Date 2011-12-21 12:22 +0000
Organization A noiseless patient Spider
Message-ID <slrnjf3jss.t2s.BitTwister@wb.home.test> (permalink)
References <m3wr9rs9rg.fsf@elektro.pacujo.net> <slrnjf1237.6i2.BitTwister@wb.home.test> <slrnjf3i8p.7j8.elvis-85496@notatla.org.uk>

Show all headers | View raw

On 21 Dec 2011 11:58:43 GMT, all mail refused wrote:
> PasswordAuthentication no in /etc/ssh/sshd_config

That is a higher security level, but a bit restrictive.
I can agree "root" could ssh into system as a user, then get root access.
See Note:

With PermitRootLogin without-password you can still ssh root@target to
get in if root@target already has your public key.

Note:
  Comes in handy if system is dinked up and users can not log in.
  Also if you need to scp/rsync files with root privs from one system
  to target.

Back to comp.security.ssh | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

SSH intrusion in Fedora 16 Marko Rauhamaa <marko@pacujo.net> - 2011-12-20 14:33 +0200
  Re: SSH intrusion in Fedora 16 Bit Twister <BitTwister@mouse-potato.com> - 2011-12-20 13:06 +0000
    Re: SSH intrusion in Fedora 16 all mail refused <elvis-85496@notatla.org.uk> - 2011-12-21 11:58 +0000
      Re: SSH intrusion in Fedora 16 Bit Twister <BitTwister@mouse-potato.com> - 2011-12-21 12:22 +0000
      Re: SSH intrusion in Fedora 16 Marko Rauhamaa <marko@pacujo.net> - 2011-12-21 14:39 +0200

csiph-web