@Sandal6823@sh.itjust.works to Linux@lemmy.ml • edit-23 months agoWhy disable ssh login with root on a server if I only log in with keys, not password?message-square78fedilinkarrow-up1105arrow-down15file-text
arrow-up1100arrow-down1message-squareWhy disable ssh login with root on a server if I only log in with keys, not password?@Sandal6823@sh.itjust.works to Linux@lemmy.ml • edit-23 months agomessage-square78fedilinkfile-text
On a server I have a public key auth only for root account. Is there any point of logging in with a different account?
minus-square@BrianTheeBiscuiteer@lemmy.worldlinkfedilink6•3 months agoDoesn’t even have to be the key necessarily. Could get in via some exploit first. Either way taking over the machine became a 2-step process.
minus-square@JustAnotherKay@lemmy.worldlinkfedilink2•3 months ago Unless your threat modelling includes nation-states At which point you should have a handful of extra layers
Doesn’t even have to be the key necessarily. Could get in via some exploit first. Either way taking over the machine became a 2-step process.
deleted by creator
At which point you should have a handful of extra layers