
With regards to initial VMs, I agree sometimes -- sometimes you just gotta get it done. But the others (db backup, remote monitor, etc) should use separate acct plus sudo. Use userify or cloudadmins or something home-grown to manage those system accts, don't one-off and don't leave root on a net-connected machine for more than a few minutes. (Also goes for all other generic accounts like ec2-user, ubuntu, etc.)

asap, passwd -l root; sed -i "s/PermitRootLogin *yes/PermitRootLogin no/" /etc/ssh/sshd_config
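
An added example, not part of the comment above and not code from any project named in the thread: a shell function that sets `PermitRootLogin no` in an sshd_config-style file and also covers forms the one-line sed does not match (other values, different keyword case, Match blocks). The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and the sample
# config are constructed for illustration.

# sshd uses the first value it reads for a keyword, so the directive is
# written on line 1, ahead of any Include. Other active PermitRootLogin
# lines are dropped (global section) or forced to "no" (Match blocks,
# which would otherwise override the global value).
disable_root_login() {
    cfg=$1
    tmp=$(mktemp) || return 1
    {
        echo "PermitRootLogin no"
        awk '
            { key = tolower($1); sub(/=.*/, "", key) }  # keyword is case-insensitive
            key == "match" { in_match = 1 }
            key == "permitrootlogin" {
                if (in_match) print "    PermitRootLogin no"
                next
            }
            { print }                                   # comments and the rest pass through
        ' "$cfg"
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$cfg"   # overwrite in place so owner and mode are kept
    rm -f "$tmp"
}

# Print the distinct values of all active PermitRootLogin lines.
active_values() {
    awk '{ k = tolower($1); sub(/=.*/, "", k) }
         k == "permitrootlogin" {
             v = $0; sub(/^[ \t]*[^ \t=]+[ \t=]+/, "", v); print tolower(v)
         }' "$1" | sort -u
}

# Constructed sample with several spellings of the directive.
sample_config() {
    printf '%s\n' 'Include /etc/ssh/sshd_config.d/*.conf' \
        '#PermitRootLogin prohibit-password' \
        'permitrootlogin   without-password' \
        'PasswordAuthentication no' \
        'Match Address 10.0.0.0/8' \
        '    PermitRootLogin yes'
}

demo=$(mktemp) && sample_config > "$demo" && disable_root_login "$demo" &&
    cat "$demo"
rm -f "$demo"
```

Check the rewritten file with `sshd -t -f <file>` before reloading the daemon; `sshd -T` prints the effective settings.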



I think the advantage of using a separate but privileged account is not as great as you think. If an attacker compromises that privileged account, chances are they will own root anyways. Why bother with the complexity then?


Because they would have to guess the username too. Everyone already knows root exists.


If knowing an account exists is like getting to the moon, logging into it if it requires a private key is like getting to Andromeda.

I mean, I tend to turn root access off, but let's not oversell what kind of security it gets you. There is effectively zero security difference between a non-root account + passwordless sudo and a root account if they both require a key to log in.


I think jamiesonbecker was implying that this new user would have sudo restricted to just doing the tasks required for its individual purpose, not completely open sudo. I disagree with their point, but yeah, that would have nothing to do with guessing the account name.


No idea how to get notifications for responses to my comments, sorry.

No, I am mostly implying that the name alone is a risk. If you've ever brought up a box on the net, you know that the first account that's attacked is root. While the above moon/andromeda analogy is apt, some types of vulns could also leave you open as well with a known username to log in with. Better to block those outright.

Plus, there's no reason to log in as root anyway as a simple matter of best practices; it's against virtually every security standard; no auditing of privileged access and hopefully no root account sharing!

Heavy opinion: logging into a remote machine as root on modern Linux/UNIX is just laziness.



