maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   General (https://talk.maemo.org/forumdisplay.php?f=7)
-   -   network security (https://talk.maemo.org/showthread.php?t=9169)

.Ray 2007-08-25 10:31
network security
 
A thought just came to mind, if I can ssh to my N800 from my pc as root, then so can anyone from the internet if I'm on a public access point, while the risk is low, it is not the best security practice.

Changing the root password appears to break the application manger gui. So as a paranoid user, I have edited /etc/ssh/sshd_config adding the following line:

DenyUsers root@*

and now to ssh into the device, I have to go in as "user" and run sudo gainroot, of course the user account is password protected :)

brendan 2007-08-25 12:26
Re: network security
 
well if you simply set PermitRootLogin to "no" or "without-password" you would accomplish pretty much the same, but (in the case of "without-password") still allow yourself to generate an ssh key and get on the device as root with that key.

guess there is more than one way to skin a cat...

TA-t3 2007-08-27 12:22
Re: network security
 
What brendan says is good advice, and .Ray's solution also works, but I thought I should point out that changing the root password should not break anything. I have changed the root password after every firmware upgrade (exactly because I have an ssh server installed), and this has no side effects at all.


All times are GMT. The time now is 03:38.

vBulletin® Version 3.8.8