* Posts by manicmike

1 post • joined 12 Oct 2016

Linux malware? That'll never happen. Ok, just this once then

manicmike

Re: the system packages for most distros are totally open by default.

But sudo caters for allowing users just the elevated access they need, not to sudo to a root shell.

I was a Unix admin for many years and would never allow someone sudo to ALL unless it were me, and always require a password (which has a minimum length and complexity of course). If you're the admin of a Linux server, you generally know how these things work and don't break the golden rule of allowing people access to things they don't need.

The default sshd_config is to not allow root logins. Sometimes you do need to log in as root, though, and in that case disallow password logins entirely and use a key pair. When I have sshd running and my IP address is external, logs generally show thousands of attempts (mostly from China, Korea and eastern Europe) of a root login. Even though they fail, it's pretty scary how many automated hackers there are and it only takes one careless admin to allow them opportunity.

Man page for sshd_config is here https://linux.die.net/man/5/sshd_config and states the defaults, which are pretty secure. I'd still remove password logins on all accounts and edit the hosts.allow and hosts.deny files.
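An added example, not part of manicmike's post and not OpenSSH code: a small audit of an sshd_config against the two settings the comment recommends (no password logins, root only with a key pair). The policy table, the `audit` function and the sample config are assumptions made for illustration, and `Include` files are not followed.

```python
import re

# Policy from the comment above: no password logins, root only by key pair.
# Argument values are case-sensitive in sshd_config, so they are not folded.
POLICY = {
    "passwordauthentication": {"no"},
    "permitrootlogin": {"no", "prohibit-password", "without-password"},
}

def audit(text):
    """Return (line, scope, keyword, value) for each setting that breaks POLICY.

    Global section: sshd keeps the first value it reads for a keyword, so
    later duplicates are skipped. Lines under a Match header override the
    global value for matching connections, so each one is checked.
    A keyword never set globally is reported with line 0 and "<unset>".
    """
    findings, global_seen, match = [], {}, None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # "Keyword value" or "Keyword=value"; keywords are case-insensitive.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            match = value
            continue
        if key not in POLICY:
            continue
        if match is None:
            if key in global_seen:
                continue  # ignored by sshd: an earlier global line already won
            global_seen[key] = value
        if value not in POLICY[key]:
            findings.append((n, f"Match {match}" if match else "global", key, value))
    for key in POLICY:
        if key not in global_seen:
            findings.append((0, "global", key, "<unset>"))
    return findings

# Constructed sample config, not taken from a real host.
SAMPLE = """\
# constructed sample
Port 22
PermitRootLogin prohibit-password
permitrootlogin yes
PubkeyAuthentication yes
Match Address 10.0.0.0/8
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; the parser above is for reviewing a file before it is deployed.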

Biting the hand that feeds IT © 1998–2021