From: Michael Orlitzky <mjo@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] OpenSSH upgrade warning
Date: Tue, 10 Nov 2015 16:23:50 -0500 [thread overview]
Message-ID: <56426066.6020908@gentoo.org> (raw)
In-Reply-To: <20151110221149.47a15177@hal9000.localdomain>
On 11/10/2015 04:11 PM, wabenbau@gmail.com wrote:
>
> You can disable password login for that user on the server. Then he
> can only login via ssh key. Only with the knowledge of the root
> password it is not possible to gain root access to the server. An
> attacker also needs the ssh key. And with a camera, keylogger, or
> measuring radiation he can not fetch that key.
>
This is pretty close to what I originally asked for, thank you.
If you disable all password logins to the server AND disable remote root
logins altogether, then you can stop someone from gaining root by
peeking over your shoulder as you type.
Unless they bash you over the head and swipe your laptop. But still,
I'll take it.
next prev parent reply other threads:[~2015-11-10 21:24 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-10 1:38 [gentoo-user] OpenSSH upgrade warning Michael Orlitzky
2015-11-10 3:26 ` Jeff Smelser
2015-11-10 9:53 ` Alan Mackenzie
2015-11-10 10:02 ` Neil Bothwick
2015-11-10 10:05 ` Alan McKinnon
2015-11-10 14:47 ` Michael Orlitzky
2015-11-10 15:30 ` Alan McKinnon
2015-11-10 15:58 ` Michael Orlitzky
2015-11-10 16:13 ` J. Roeleveld
2015-11-10 16:26 ` Michael Orlitzky
2015-11-10 17:17 ` Michael Orlitzky
2015-11-10 20:52 ` wabenbau
2015-11-10 21:00 ` Michael Orlitzky
2015-11-10 21:11 ` wabenbau
2015-11-10 21:23 ` Michael Orlitzky [this message]
2015-11-10 21:48 ` Dale
2015-11-10 23:22 ` wabenbau
2015-11-10 18:26 ` Alan McKinnon
2015-11-10 18:55 ` Michael Orlitzky
2015-11-10 19:00 ` Jeff Smelser
2015-11-10 19:17 ` Michael Orlitzky
2015-11-10 19:20 ` Jeff Smelser
2015-11-10 19:23 ` Stanislav Nikolov
2015-11-10 19:25 ` Michael Orlitzky
2015-11-10 19:32 ` Stanislav Nikolov
2015-11-10 19:38 ` Michael Orlitzky
2015-11-10 19:31 ` Michael Orlitzky
2015-11-10 19:37 ` Stanislav Nikolov
2015-11-10 19:37 ` Jeff Smelser
2015-11-11 4:51 ` Walter Dnes
2015-11-12 12:05 ` Rich Freeman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56426066.6020908@gentoo.org \
--to=mjo@gentoo.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox