Re: Is OpenSSH 3.5p1 secure?

From: William Peckham (mrwbp@attbi.com)
Date: 02/05/03


From: "William Peckham" <mrwbp@attbi.com>
Date: Wed, 05 Feb 2003 02:02:28 GMT

My advice, for a start:

1. Do not allow root access over ssh.

2. Do allow access over ssh for one and only one user.

3. Use only private key (not password) authentication.

4. Manage your session access to allow you to use su or sudo to execute jobs
as root when needed; manage your automated processes so they do not NEED to
run as root.

NOTHING is perfectly secure. Anything can be made MORE secure by running it
as securely as possible. The defaults in the most recent ssh versions are
pretty good, but you have to evaluate your settings based upon your
environment. Even old 'risky' versions of ssh are many times more secure
than unencrypted telnet and ftp traffic and services! No matter how good
the software, if you configure a backdoor you have no one else to blame if
someone exploits it. If you decide you want to ANYWAY, be aware of the
risks and take reasonable precautions.

If you WILL/must allow root access from remote, the most secure
authentication is using keys. It remains secure only when you guard your
keys at least as well as you guard your root password. If you cannot follow
these minimal security guidelines, then any ssh exploit is moot. Your systems
will be so vulnerable to other attacks that any 'breaker' will never get
around to exploiting ssh, nor need to in order to own your system.

Best of luck!

"ArteQ" <arteq2@go2.pl> wrote in message
news:b1ofb6$bg7$1@SunSITE.icm.edu.pl...
> Thank you guys... but you're both wrong :-)
> I usually use only one account (and that is root account...) to log in, and
> there is nobody else who uses ssh on my server box. So in fact there is no
> use restricting that in AllowUser directive. What I ask you is how to
> protect sshd against exploits that can be used by hackers. They don't have
> accounts on my box, so setting AllowUser won't change anything. I just want
> to be sure that they won't use some trivial security hole to grant root
> privileges, without knowing the password of course. So are there any
> directives that should be set so as to keep sshd secure? I've already set
> UsePrivilegeSeparation. I've also heard something about AuthBSD....
>
> ArteQ
>
