Re: Allowing remote root login seems to be bad. Why? (SUMMARY)



Hari Sekhon wrote:
I am a little surprised people have not been talking about ssh-key-only logins (but then I didn't bother mentioning it until now either... ;-) )

In my experience, using public key authentication is often more of a security risk, depending on the situation. If the remote machine that holds the private key (and some store this with no password for convenience) is compromised, they immediately have an open door into your server. You may have no control how passwords are enforced, updates are applied, or if any security is implemented on the remote end. Setting up public key authentication, in effect extends your "trust domain" to a server that may not be so trust worthy. To me, it makes more sense to rely on security I can control. (which is often not the case if it is some other user's office desktop or workstation)

-Bond