| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Feb 2007 13:40:47 +0530 From: Raj Mathur <raju@...ux-delhi.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: (Psexec on *NIX) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 02 February 2007 12:08, Valdis.Kletnieks@...edu wrote: > On Fri, 02 Feb 2007 13:25:11 +0800, Eduardo Tongson said: > > On 2/2/07, Xavier Beaudouin <kiwi@....net> wrote: > > <> > > > > > Allowing direct root login even with SSH is IMHO stupid... > > > > Please elaborate why is it IYHO stupid. > > In environments where more than 1 person has root access, allowing > direct login to root means you can't keep an audit trail of which > person logged in. > > And if your environment only one person has root access, that's > just looking for a DoS if the one person is hit by a bus..... I believe we have had this discussion before, but I'll iterate my beliefs in favour of allowing direct root access again: - - Key-based root logins are quite secure. I don't see any reason why key-based root login would be any less secure than permitting a user login followed by an sudo. - - Password management is a bitch. I don't remember passwords for about half the accounts I have. Using a key-based root login, I don't need to remember those passwords either. If you take the sudo route, every user has to remember each password for each account, unless you take the deprecated route of reusing passwords (or *horrors* allow sudo without password). - - With a little bit of configuration, it's easy to figure out which key was used to login to an account; the audit trail can be managed that way. - - Managing which users have access to which root accounts is trivial this way: just add or delete their keys from .ssh/authorized_keys[2]. Of course, ideally you could use a combination of user-based and key-based logins: allow users to login any which way they want, then only allow key-based root ssh from localhost. Hmm, that's an idea worth exploring... Regards, - -- Raju - -- Raj Mathur raju@...dalaya.org http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFwvINyWjQ78xo0X8RAs9tAJ9fc7PXCY/ITlhWZdx0Pang0/mWMgCfcOkg eSmt2EEur8Jr3W9rodZEhn4= =DSri -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists