Re: Debian Server restored after Compromise
On 7/13/06, Bas Zoetekouw <firstname.lastname@example.org> wrote:
> Debian Server restored after Compromise
Kudos to debian-admin for sorting out the situation so quickly!
> An investigation of developer passwords revealed a number of weak
> passwords whose accounts have been locked in response.
That's not good.
Should we maybe implement a stricter password policy? Or maybe only
allow pubkey ssh authentication?
I agree. pubkey ssh auth only, at least in servers with some core
services. I think the servers to support porters can be more flexible,
their downtime could hurt just one port and won't taint other services
nor the archive - not that this happened with gluck.
Btw, the exact compromised account was identified and locked too?