@Sandal6823@sh.itjust.works to Linux@lemmy.ml • edit-28 months agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-square37fedilinkarrow-up1102arrow-down14file-text
arrow-up198arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?@Sandal6823@sh.itjust.works to Linux@lemmy.ml • edit-28 months agomessage-square37fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-square@sludgewife@lemmy.blahaj.zonelinkfedilinkEnglish2•8 months agono, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
Maybe if you escaped the command like
\\type sudo?no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell
You assume the shell isn’t compromised.