Re: server security :: user accounts, ssh, passphrases, etc.

["s. keeling" <keeling@nucleus.com>]

Russell L. Harris <rlharris@oplink.net>:
> 
> Is there a major or unreasonable security risk if the sysop creates
> on the server an account with the same username, password, and
> passphrase as his account on the desktop machine?

Same username is a convenience, account passwords need not be the
same, and if you gpg-genkey then distribute that key to each host's
~/.ssh, you'll ssh-add once for each sshd you subsequently make
requests of.

> That is, if the server is compromised, should the sysop change his
> password, passphrase, etc.?

If the server's compromised, you should reinstall.  Same thing you do
with penicillin these days; finish it and wipe out even the last
vestiges of the bug that infected you.  Using ssh means conversations
between boxes are encrypted, so no one's going to sniff passwords from
your traffic.  Disable sshd password logins, insisting it use crypto
keys for authentication instead.

As long as you've no keylogger running on the box where you ssh-add
(or gpg-genkey), I can't see how anyone's going to come close to
breaking in, assuming the rest of the system's been sufficiently
policed.  You're not running daemons you don't need, and you watch the
ones you do, yes?

> If so, what is the recommended alternative?  Is there a HOWTO on
> this subject?

tldp.org

Kerberos, SELinux, tripwire, portknocker, ...  Or, unplug it, put it
in a locked vault, and enjoy the peace and quiet.

If you have good backups, why worry about it?  Reinstall's minutes
away.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)    http://blinkynet.net/comp/uip5.html      Linux Counter #80292
- -    http://www.faqs.org/rfcs/rfc1855.html    Please, don't Cc: me.