Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-21 month agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square81fedilinkarrow-up1107arrow-down14file-text
arrow-up1103arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-21 month agomessage-square81fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squaregrrgyle@slrpnk.netlinkfedilinkarrow-up1·1 month agoMaybe if you escaped the command like \\type sudo?
minus-squaresludgewife@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up2·1 month agono, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
minus-squarecatloaf@lemm.eelinkfedilinkEnglisharrow-up1·1 month agoYou assume the shell isn’t compromised.
Maybe if you escaped the command like
\\type sudo?no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
You assume the shell isn’t compromised.