| 1 |
On 10/12/06, Peter Abrahamsen <rainhead@×××××.com> wrote: |
| 2 |
> Hi list, |
| 3 |
> |
| 4 |
> I'm looking for some opinions for a security decision. I need to |
| 5 |
> enable remote administrative access to critical systems living about |
| 6 |
> 3-4 hours from me and in another country. The systems will be running |
| 7 |
> LAMP, more or less. |
| 8 |
> |
| 9 |
> Which is a better idea, allowing key-only root access, or ssh'ing in |
| 10 |
> as myself and running su/sudo/whatever? Either way, I'll set up |
| 11 |
> iptables so that connection attempts from anywhere other than my |
| 12 |
> office are -j DROP'ed. |
| 13 |
|
| 14 |
Ssh'ing to root with key-only plus a good passphrase is best. |
| 15 |
Avoid ugly workarounds and unnecessary complexity like port |
| 16 |
knocking and sudo. |
| 17 |
|
| 18 |
ssh in as root, this is not the 90's anymore. |
| 19 |
|
| 20 |
- ed |
| 21 |
-- |
| 22 |
gentoo-server@g.o mailing list |
Archives