| christophe barbé on Mon, 1 Jul 2002 09:13:50 -0400 |
|
On Sun, Jun 30, 2002 at 11:11:17PM -0400, gabriel rosenkoetter wrote: > On Sun, Jun 30, 2002 at 09:03:05PM -0400, christophe barbé wrote: > > It seems no more a good reason with openssh and other secure links to > > avoid to log as root. > > Precisely because of this, I agree with you. Passing a shared > secrete across the wire, even across an encrypted wire, is and will > always be a bad idea. With SSH-1, it's trivially easy for a mitm to > significantly decrease his cryptographic search space for a brute > force attack if he gets to hear the IVs (and he does), and it's also > trivially easy to know which chunks of encrypted stream you want to > brute force. (Two characters followed after a brief pause by eight to > twelve will be plenty if you're watching a stistically significant > number of hosts; granted, this wouldn't get me, as I su -m, but I > just told you all that, and watching my habits--even encrypted--to > learn from them wouldn't be hard.) > > Keeping PermitRootLogin set to "without-password" in sshd_config is > a totally reasonable thing to do and, arguably, it provides a better > audit trail, in combination with some kind of accounting system, > than a sulog possibly good. (You don't really care what user became > root, you want to know what IP address they came from and as what > *real person*--based on the public key that granted them access--they > are.) > > That said, acting ordinarily as root is still a bad idea. Actions > should be taken as root ONLY when it is necessary to do so. You > should presume when you're compiling, installing, and using software > that someone WILL be trying to trick you into running something evil > (through any of the completely simple LD_* tricks, which are much > easier to deal with than trojaning any kind of binary). Thanks gabriel, This is what I expected. Of course I use ssh2 and my daemon is uptodate concerning the recent security problems. As I said earlier my point was log in as root when doing root stuff. Speaking of passphrase, I remember that when I first discovered PGP, at that time it was under Windows, there was a tool to give you an idea of the strongeness of you passphrase. It was a percentage value evolving depending on the passphrase and it was easy to see what change your passphrase from weak to strong. I don't know a tool like that under unix. Christophe -- Christophe Barbé <christophe.barbe@ufies.org> GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8 F67A 8F45 2F1E D72C B41E Imagination is more important than knowledge. Albert Einstein, On Science Attachment:
pgpbPutOzQlMI.pgp
|
|