Re: [tlug] bootable linux with sshd

["Fergal Daly" <fergal@example.com>]

On 03/01/07, Curt Sampson <cjs@example.com> wrote:
> On Tue, 2 Jan 2007, Fergal Daly wrote:
>
> > BTW, it stops password logins but allows root logins. I don't really
> > see the point of not allowing root logins, I'd only go and create
> > another user with sudo permission - it'd require knowing a second
> > secret to be able to get root....
>
> That's the whole point. It's especially good if you disallow password
> logins, since then you've got to get hold of two different sorts of
> secrets (a password and a key file, which also usually has a passphrase
> on it), only one of which is subject to guessing. (Nobody's going to
> guess an ssh private key.) In fact, it adds even a third level of
> difficulty in that the attacker not only has to have a password and an
> ssh private key, but also has to know the name of the account that can
> sudo.

> From an information theory point of view and for many practical purposes

1 long secret == 3 shorter secrets

especially if the 3 shorter secrets tend to be used close together in
time. If someone can get my private key, they're a good chance they
can get my username and password too.

The only benefit I can see is that you might be less vulnerable to ssh
security holes. If root logins are disallowed then the security hole
caused by a bug might not get someone root.

Given that I hope to never use this, I'm happy enough with what I have,

F