F22 System Wide Change: Set sshd(8) PermitRootLogin=no
J. Randall Owens
jrowens.fedora at ghiapet.net
Sat Jan 17 21:09:26 UTC 2015
On 01/17/2015 09:02 AM, Rahul Sundaram wrote:
> Hi
>
> On Fri, Jan 16, 2015 at 9:39 AM, Lubomir Rintel wrote:
>
> For this reason, I avoid privilege escalation when I need to conduct
> privileged operations, but open a separate session. The sshd daemon
> running with root privileges is more trustworthy to me than my user
> session.
>
> I have no idea what you mean here. Turning off direct root login in SSH
> doesn't make SSHD itself run as that user. SSHD is still running as root.
I can't speak for Lubomir, but I'd guess he or she meant that as root,
one's environment ($HOME/.bashrc, $HOME/.tcshrc for us weirdos, aliases,
$HOME/bin/ contents, etc.) are unlikely to have been tampered with,
unless an attacker has already gained root access anyway. Nothing to do
with sshd per se.
--
J. Randall Owens | http://www.ghiapet.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150117/78536ce7/attachment.sig>
More information about the devel
mailing list