christophe barbé on Mon, 1 Jul 2002 09:13:50 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] log as root or not ?


On Sun, Jun 30, 2002 at 11:11:17PM -0400, gabriel rosenkoetter wrote:
> On Sun, Jun 30, 2002 at 09:03:05PM -0400, christophe barbé wrote:
> > It seems no more a good reason with openssh and other secure links to
> > avoid to log as root.
> 
> Precisely because of this, I agree with you. Passing a shared
> secrete across the wire, even across an encrypted wire, is and will
> always be a bad idea. With SSH-1, it's trivially easy for a mitm to
> significantly decrease his cryptographic search space for a brute
> force attack if he gets to hear the IVs (and he does), and it's also
> trivially easy to know which chunks of encrypted stream you want to
> brute force. (Two characters followed after a brief pause by eight to
> twelve will be plenty if you're watching a stistically significant
> number of hosts; granted, this wouldn't get me, as I su -m, but I
> just told you all that, and watching my habits--even encrypted--to
> learn from them wouldn't be hard.)
> 
> Keeping PermitRootLogin set to "without-password" in sshd_config is
> a totally reasonable thing to do and, arguably, it provides a better
> audit trail, in combination with some kind of accounting system,
> than a sulog possibly good. (You don't really care what user became
> root, you want to know what IP address they came from and as what
> *real person*--based on the public key that granted them access--they
> are.)
> 
> That said, acting ordinarily as root is still a bad idea. Actions
> should be taken as root ONLY when it is necessary to do so. You
> should presume when you're compiling, installing, and using software
> that someone WILL be trying to trick you into running something evil
> (through any of the completely simple LD_* tricks, which are much
> easier to deal with than trojaning any kind of binary).

Thanks gabriel, This is what I expected. Of course I use ssh2 and my
daemon is uptodate concerning the recent security problems. 
As I said earlier my point was log in as root when doing root stuff.

Speaking of passphrase, I remember that when I first discovered PGP, at
that time it was under Windows, there was a tool to give you an idea of
the strongeness of you passphrase. It was a percentage value evolving
depending on the passphrase and it was easy to see what change your
passphrase from weak to strong.
I don't know a tool like that under unix.

Christophe

-- 
Christophe Barbé <christophe.barbe@ufies.org>
GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8  F67A 8F45 2F1E D72C B41E

Imagination is more important than knowledge.
   Albert Einstein, On Science

Attachment: pgpbPutOzQlMI.pgp
Description: PGP signature