Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-28 个月前Why disable ssh login with root on a server if I only log in with keys, not password?message-squaremessage-square74linkfedilinkarrow-up1102arrow-down10file-text
arrow-up1102arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?Sandal6823@sh.itjust.works to Linux@lemmy.ml · edit-28 个月前message-square74linkfedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-squaregrrgyle@slrpnk.netlinkfedilinkarrow-up1·8 个月前Maybe if you escaped the command like \\type sudo?
minus-squaresludgewife@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up2·8 个月前no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
Maybe if you escaped the command like
\\type sudo?no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
You assume the shell isn’t compromised.