undefined | Better HN

0 pointsmichaelmior11y ago0 comments

[1] Why shouldn't I suggest it? Apparently it's obvious, so it would be nice to share. [2] I'm not sure where you get that /home and / are usually on different partitions. There's usually the same partition on machines I've administered. But if that is the case, you can find/create a suitable folder on the same partition (/var/tmp/ comes to mind)

I understand you didn't say impossible, but this doesn't really seem to be impractical to me at all.

0 comments

Sae5waip11y ago

@Passwordless sudo: Because then you have effectively made your user root, and compromising your user account is enough to get root access immediately. If you do that, then why have a seperate user at all?[3]

@Partitions: Seperating /home and / prevents normal users from filling up /. (And if you put both on LVM, you can grow them as needed.) Yes, I've only had this on some of the servers I've run.

@Impractical: it's one additional command for something I do quite often[4], and I still don't see the benefit (reminder: I fully agree with never using "PermitRootLogin yes").

[3] Granted, it does provide some context seperation in the sense that if you want to perform an administrative task, you have to explicitly use sudo. But it doesn't increase security, and it offers no advantage over "direct root access + normal user account".

[4] Not just scp, but also things like "less /var/log/messages" or "git clone root@host:/etc".

And again: what does "PermitRootLogin no" gain you over "without-password"? Why restrict it for no additional benefit?

michaelmiorOP11y ago

I'm not really on one side of the argument or the other, but disabling root login means that an attacker doesn't automatically know the name of an account where login is permitted for one. Certainly not the best security mechanism, but if there happened to be some 0-day on the SSH server, you're much more likely to be safe from automated attacks.

Sae5waip11y ago

Automated 0-day attack: fair point.

Though direct remote code execution is probably much, much more likely than authentication bypass.

j / k navigate · click thread line to collapse

0 pointsmichaelmior11y ago0 comments

I understand you didn't say impossible, but this doesn't really seem to be impractical to me at all.

0 comments

Sae5waip11y ago

@Partitions: Seperating /home and / prevents normal users from filling up /. (And if you put both on LVM, you can grow them as needed.) Yes, I've only had this on some of the servers I've run.

@Impractical: it's one additional command for something I do quite often[4], and I still don't see the benefit (reminder: I fully agree with never using "PermitRootLogin yes").

[4] Not just scp, but also things like "less /var/log/messages" or "git clone root@host:/etc".

And again: what does "PermitRootLogin no" gain you over "without-password"? Why restrict it for no additional benefit?

michaelmiorOP11y ago

Sae5waip11y ago

Automated 0-day attack: fair point.

Though direct remote code execution is probably much, much more likely than authentication bypass.

j / k navigate · click thread line to collapse