Re: Root SSH permitted by default (was: how does root run a graphical prog)

To: debian-user@lists.debian.org
Subject: Re: Root SSH permitted by default (was: how does root run a graphical prog)
From: Jamin W.Collins <jcollins@asgardsrealm.net>
Date: Wed, 22 May 2002 18:14:11 -0500
Message-id: <[🔎] 20020522181411.08c66ad5.jcollins@asgardsrealm.net>
In-reply-to: <[🔎] 20020522214015.GC3148@doorstop.net>
References: <[🔎] 20020520234531.A5314@singnet.com.sg> <[🔎] 200205201849.19341.gtdev@spearhead.de> <[🔎] 20020520123728.B606@sherohman.org> <[🔎] 20020520180150.GA30651@arborlon.riva.ucam.org> <[🔎] 20020520133749.19d52f42.jcollins@asgardsrealm.net> <[🔎] 20020520192610.GC31416@arborlon.riva.ucam.org> <[🔎] 3CEA9B84.32D04E91@helices.org> <[🔎] 20020522214015.GC3148@doorstop.net>

On Wed, 22 May 2002 14:40:15 -0700
"Vineet Kumar" <debian-user@virtual.doorstop.net> wrote:

> * Michael D. Schleif (mds@helices.org) [020521 12:10]:
> > Here's my lack of understanding:
> > 
> > [a] ssh root@remote.system requires cracking only one (1) string:
> >     [1] root's password
> > 
> > [b] ssh mortal_user@remote.system requires cracking three (3) separate
> > strings:
> >     [1] mortal_user's username (without this, there is not even system
> > access);
> >     [2] mortal_user's password; and
> >     [3] root's password
> > 
> > Since _god_ on a given system is almost always root or administrator,
> > I fail to see how [a] can be considered at least as secure as [b].
> > 
> > What am I missing?
> 
> The point is that once you have [b1] and [b2], [b3] is as easy to get
> by dropping in a new '~/bin/su' which will read a password, pretend to
> the user that there was a typo, read it again, email you the password,
> delete itself, and then perform the real /bin/su.

Correct.  Assuming that the cracker has [b1] & [b2] & the system is
allowed to send the message out.  However the cracker must gain the above
before becoming root.  They can't simply step right in via root allowed
logins and password authentication.

> So this boils down to [b] is better because of [b1], which I think we'll
> all agree isn't *that* difficult to get, if you know anyone who has an
> account on the machine, or even just patience and a watchful eye.
> Generally usernames aren't kept super-super secret.

Which in and of itself is a good argument for using keyed access rather
than password based authentication for SSH (or other remote shells).

-- 
Jamin W. Collins


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- how does root run a graphical prog
  - From: Willy S <spamtrap@bozz.com>
- Re: how does root run a graphical prog
  - From: Nicos Gollan <gtdev@spearhead.de>
- Re: how does root run a graphical prog
  - From: Dave Sherohman <esper@sherohman.org>
- Re: how does root run a graphical prog
  - From: Colin Watson <cjwatson@debian.org>
- Root SSH permitted by default (was: how does root run a graphical prog)
  - From: Jamin W.Collins <jcollins@asgardsrealm.net>
- Re: Root SSH permitted by default (was: how does root run a graphical prog)
  - From: Colin Watson <cjwatson@debian.org>
- Re: Root SSH permitted by default (was: how does root run a graphical prog)
  - From: "Michael D. Schleif" <mds@helices.org>
- Re: Root SSH permitted by default (was: how does root run a graphical prog)
  - From: Vineet Kumar <debian-user@virtual.doorstop.net>

Prev by Date: Uninstalling programs
Next by Date: Re: Galeon user agent causing problems?
Previous by thread: Re: Root SSH permitted by default (was: how does root run a graphical prog)
Next by thread: Re: how does root run a graphical prog
Index(es):
- Date
- Thread