[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: is it rational to close the 139 port

On Du, 22 iul 12, 22:33:49, lina wrote:
> Another thing I am a little concern,
> I can ssh from remote server back to laptop without password.

Passphraseless keys?

> but on the remote server, actually someone who has root privilege can
> easily su lina and ssh to my laptop (sorry to assume like that, we
> have a great system administrators in those servers).
Sounds like it from your description.

> my concern is that it's a good idea to put the public keys from remote
> servers into my authorized_keys, just for scp convenience?

I think you are mixing things. The client (in the case about the remote 
server) needs a private key accepted by the "server" (in you case above 
the laptop), that is, they are listed in the authorized_keys on the 

Back to your question a general recommendation is to not put or use 
sensitive material (and SSH private keys and their passphrase do count 
as such) on machines where you don't trust root.

Hope this explains,
Offtopic discussions among Debian users and developers:

Attachment: signature.asc
Description: Digital signature

Reply to: