Security/Hacked System - Now what?!!

bruce badouglas at
Sun Dec 22 02:19:17 UTC 2013

Hi Wolfgang,

Ok, say you have a box that you want to remotely access. Never a need
to access the box via the gui/login.

And regarding the ssh/remote access, you specify public/private keys,
and you have the key process run from the key file. This allows a user
to be able to ssh into the box without having to use the ssh passwd,
but only from the corresponding box that has the associated public
(master/client) passwd/key setup to permit the login access.

But in this situation, if a user hacks into the 1st system, then they
have access to the 2nd system, assuming they know the 2nd system's
username. This would happen as the private/public key access file has
been setup!

Any way around this, or am I missing something...

I'm thinking that you could setup the user(s) on the client machine,
to restrict access/perms, but it still doesn't do anything about the
fact that once a user hacks into the parent machine, they then would
have access into the 2nd machine...

feedback welcome..

On Sat, Dec 21, 2013 at 9:06 PM, Wolfgang S. Rupprecht
<wolfgang.rupprecht at> wrote:
> bruce <badouglas at gma> writes:
>> You then mod SSH as required to disable root login
>> OK, what else should you do?
> Root login isn't a bad idea in and of itself.  More important is to not
> allow anything but public key logins (eg. ECDSA, RSA).  For people
> logging in with root credentials, give everyone a different public key
> and keep a secure copy of /var/log/secure on a secure system for
> backtracking breakins.   Each login (including root) will show which key
> was used to log in.  You can easily see who lost control of their key.
> I'm a firm believer in never allowing passwords logins over the net.
> Users will hardly ever use random-letter-upper-lower-number passwords.
> They always think they are oh so clever with easily guessed strung
> together words, with or without a punctuation char.
> -wolfgang
> --
> users mailing list
> users at
> To unsubscribe or change subscription options:
> Fedora Code of Conduct:
> Guidelines:
> Have a question? Ask away:

More information about the users mailing list