@[email protected] to [email protected] • edit-216 days agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-square76fedilinkarrow-up1101
arrow-up1101message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?@[email protected] to [email protected] • edit-216 days agomessage-square76fedilink
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-square@[email protected]linkfedilink1•16 days agoMaybe if you escaped the command like \\type sudo?
minus-square@[email protected]linkfedilinkEnglish2•15 days agono, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
minus-square@[email protected]linkfedilinkEnglish1•16 days agoYou assume the shell isn’t compromised.
Maybe if you escaped the command like
\\type sudo?no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
You assume the shell isn’t compromised.