Re: passwordless ssh root logins stopped working after testing dist-upgrade
On Tue, 6 Apr 2010 16:23:35 -0400 (EDT), Jordan Metzmeier wrote:
> On Tue, Apr 6, 2010 at 4:14 PM, Stephen Powell wrote:
>> On Tue, 6 Apr 2010 14:12:19 -0400 (EDT), Russell L. Carter wrote:
>>> I dist-upgraded yesterday and ssh root logins started requiring a
>> OK, I'll bite. Not that this is any of my business, but why do you
>> allow *root* logins via *ssh* _without_ a password. Isn't that dangerous?
>> At my shop, our policy is that root is not allowed to login via ssh
>> at all. root can only login from the system console. To login as
>> root via ssh, one must login as a normal user first, then su to root.
>> But you not only allow root to login via ssh, you don't even require
>> a password! That sounds like a security hole big enough to drive a
>> tank through! Would you mind explaining why you do this?
> What the PermitRootLogin without-password actually does is restrict
> root login to key authentication only. This (imo), is more secure than
> the default configuration as public keys are much more difficult to
> bruteforce than passwords. Also, your typical botnet (based on my own
> experiences/logs) is usually attempting to brute-force passwords.
> Also, you can add a passphrase to your public key so that it requires
> both a key and password. This also works with without-password but
> will create issues when you have scripts that need to be able to
> authenticate non-interactively.
> The sshd_config manpage does not do a very good job of explaining
> this. Hope that clears up some confusion Stephen.
So the idea is that both the server *and* the client authenticate to
each other via SSL? (I.e. both server and client have a public key /
private key pair?) And only someone in possession of the client's
private key would be able to authenticate to the server? Is that
basically what you're saying?
.''`. Stephen Powell <email@example.com>
: :' :