Why disable ssh login with root on a server if I only log in with keys, not password?
Sandal6823@sh.itjust.works to Linux@lemmy.ml · 2 months ago

On a server I have a public key auth only for root account. Is there any point of logging in with a different account?

deadbeef79000@lemmy.nz · 2 months ago
That server’s root access is now vulnerable to a compromise of the systems that have the private key.

BCsven@lemmy.ca · 2 months ago
Only the server should have the private key. Why would other systems have the private key?

forbiddenlake@lemmy.world · 2 months ago
The client has the private key, the server has the corresponding public key in its authorized keys file. The server is vulnerable to the private key getting stolen from the client.

x00z@lemmy.world · 2 months ago
Finding an exploit in ssh is worth more than whatever your server has to offer though.
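
Added example, not part of any comment in this thread: a small audit of the situation the question describes, reporting whether root can log in over SSH at all and which keys in root's authorized keys file are accepted from any client host, so that a copy stolen from a client works anywhere. The function names and the sample config and keys are constructed for illustration; `Match` blocks and the `keyword=value` form of sshd_config are not handled.

```python
import shlex

KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-")  # prefixes of public key type names

def effective_option(sshd_config, keyword, default):
    """Global value of a keyword: sshd keeps the first value it reads."""
    for raw in sshd_config.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "match":
            break  # conditional blocks are out of scope for this sketch
        if parts[0].lower() == keyword.lower() and len(parts) == 2:
            return parts[1].strip().lower()
    return default

def keys_without_from(authorized_keys):
    """Comments of keys that carry no from="..." source restriction."""
    labels = []
    for raw in authorized_keys.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)  # handles quoted option values
        has_opts = not tokens[0].startswith(KEY_TYPES)
        options = tokens[0].split(",") if has_opts else []
        if not any(o.lower().startswith("from=") for o in options):
            comment = tokens[3:] if has_opts else tokens[2:]
            labels.append(" ".join(comment) or "(no comment)")
    return labels

def audit(sshd_config, root_authorized_keys):
    root = effective_option(sshd_config, "PermitRootLogin", "prohibit-password")
    if root == "no":
        return []  # root cannot log in over SSH at all
    findings = ["root key accepted from any host: " + label
                for label in keys_without_from(root_authorized_keys)]
    if root == "yes" and effective_option(sshd_config, "PasswordAuthentication", "yes") == "yes":
        findings.insert(0, "root can log in with a password")
    return findings

# Constructed sample input (placeholder key material, documentation IP range).
SSHD_CONFIG = "PasswordAuthentication no\nPermitRootLogin prohibit-password\nPermitRootLogin no\n"
ROOT_KEYS = """\
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEYONE laptop
from="192.0.2.10",no-agent-forwarding ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEYTWO backup-host
"""
```

On the sample input, `audit(SSHD_CONFIG, ROOT_KEYS)` reports only the `laptop` key: the second `PermitRootLogin` line is ignored because the first value wins, and the `backup-host` key is tied to one source address.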