Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I recently started looking at my auth-logs and surprisingly found bots from china trying to bruteforce their way in this (didnt try hard). I went all about changing numerous things that bots would never check, and made harder to bruteforce.
My question is:
I am trying to find a list of all users that can log in to my server via SSH. I know that /etc/passwd has a list of all users, but I don't know if any of them (except for 1) can be logged in.
My goal is to only have 1 user that can be logged in, and having that user have a real strong password.
Read man sshd_config for more details, but you can use the AllowUsers directive in /etc/ssh/sshd_config to limit the set of users who can login.
e.g.
AllowUsers boris
would mean that only the boris user could login via ssh.
Any user with a valid shell in /etc/passwd can potentially login. If you want to improve security, set up SSH with public-key authentication (there is lots of info on the web on doing this), install a public key in one user's ~/.ssh/authorized_keys file, and disable password-based authentication. This will prevent anybody except that one user from logging in, and will require that the user have in their possession the matching private key. Make sure the private key has a decent passphrase.
To prevent bots from trying to get in, run SSH on a port other than 22 (i.e. 3456). This doesn't improve security but prevents script-kiddies and bots from cluttering up your logs with failed attempts.
Any user whose login shell setting in /etc/passwd is an interactive shell can login. I don't think there's a totally reliable way to tell if a program is an interactive shell; checking whether it's in /etc/shells is probably as good as you can get.
Other users can also login, but the program they run should not allow them to get much access to the system. And users that aren't allowed to login at all should have /etc/false as their shell -- this will just log them out immediately.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I have about 50 computers that I need to be able to establish ssh connection. But I have to do it without typing each person's password while doing ssh-copy-id. I tried to disable password authorization in ssh but it doesn't work, still asks for a password. I know each IP but I think if there is any way to connect without a password at all? It's also acceptable if ill go to every person and ask them to enter their password on their PC. Thanks
From ssh-copy-id(1):
By default it adds the keys by appending them to the remote user's ~/.ssh/authorized_keys (creating the file, and directory, if necessary).
Since all ssh-copy-id does is copy your public key (usually ssh-keygen will create it in ~/.ssh/id_rsa.pub) to the ~/.ssh/authorized_keys file, if you want to avoid entering the 50 passwords in ssh-copy-id you just have to find a way to append your key to the 50 files. I can think of multiple methods for this:
Go physically to every machine with an thumb drive containing your pubkey and copy it by hand
Prepare an authorized_keys file, set up an anonymous ftp server (or probably any other kind of server) with the right rights and push it through there (will only work if you're certain you don't care about any data that could have been written to a preexisting file)
If you have one already setup, use a deployment tool
If each machine has a user, you could go the other way around, setup your machine with a file/web server, put you pubkey on it with a script/binary that fetches the key from the server and adds it at the bottom of the authorized_keys file and ask every user to download and execute the file
There's probably other possible methods, those seems like the easiest to me though
You can login in a remote linux by ssh without password using 'ssh-keygen' and 'ssh-copy-id':
1.- Create public and private keys using ssh-key-gen on local-host:
ssh-keygen
2.- Copy the public key to remote-host using ssh-copy-id
ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
3.- Login to remote-host without entering the password
ssh remote-host
You have more information in this documentation.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is it possible to login via ssh on a linux machine, using one of two (or more) passwords set for root?
I want a primary password that I will change it frequently but in a case of emergency I want a "backup" password that will log me in. I hope that I stated the question clear. ;)
Don't use root accout. Use sudo.
When you configure sudo for your ordinary account, you can change root password to something complex and use sudo for normal daily work.
When something breaks, you will login to root with the complex password.
You can create multiple accounts that have userid 0, each with a different password. What matters for permissions is the userid, not the name.
However, there are some scripts that may check whether you're running as root, and they might check the login name rather than the ID. But if you're just using the backup account for emergency purposes, these glitches should not be a problem.
Disable the root login via ssh and create two user accounts, one for myself and a default account (which is there on all my machines with limited sudo access) with sudo access for both is what I do.
If it's all about ssh, then you can use keybased authentication, rather than password based auth.
This way, two (or more) users can login (as root, as a given user) without having to share the password.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Let's say I let my friend "Stuart" have an account on my VPS with very limited privileges because he asked very nicely. Since Stuart isn't so bright, he accidentally posts his password in an IRC chatroom, and now everyone and his/her grandma can ssh into his account. My question is, in the hands of an experienced hacker, what kind of damage can be done to the system?
Could someone just write a simple C program to intentionally manipulate a buffer overflow in strcpy and serve up a root shell for full control of the system, or are there built-in protections against that in the OS?
There are any number of attackers an attacker with local privileges could perform including but not limited to:
Fork Bombs
Accessing services bound to 127.0.0.1
Using your server as a proxy for malicious attacks
Serving malicious files from your server
Local exploits
Information Leakage
Mail relaying
etc
The attack you describe however is not possible as the file would have to have to be owned by root and have the setuid or setgid bits set.
Once someone has access to the machine, instead of needing a remote exploit, they only need to escalate privileges to have root access.
Remote exploits require having an external publicly-accessible vulnerable service. There shouldn't be any of those running on a standard VPS, assuming that it's being well maintained.
Once a remote user can authenticate, they can execute any code that's on the machine, or bring in more. If there is a bug in the kernel, or in any program that has setuid to root, they can use that to escalate their privileges to a user who has more power - like root.
So a simple buffer overflow in a custom program written by the attacker isn't your concern - that shouldn't allow them to have any extra power. What you're concerned about is a bug in the system that the attacker now has the access, and so, the ability, to exploit.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I am attempting to automate committing some files to SVN during our automated build process. Hudson does not have a tool (that works) to do this simply. I found Plugin to commit hudson build artifact which shows a second example using a simple command. The difficulty is now on obfuscating the credentials supplied.
I didn't really like the idea of building my batch into an exe -- it seemed a bit too bulky and not able to change. I was racking my brain for other ideas and coworker and I came up with this:
Create a new user in SVN with no privileges. I've called this user 'hudson'
Give hudson only the ability to read/commit to the one project in question. It cannot delete.
Use username/password unobfuscated. :x
Now, accessing our Hudson build server requires authentication. So, there is at least one level of implied authentication before being able to hit the unobfuscated password. If a malicious user had the ability to see this unobfuscated password then it is implicit that they have more privileges than having the unobfuscated password would grant them. Does that make sense? Is this sound? I feel really dirty for doing this, but I can't think of a simpler way to do it.
In the broadest terms, this is not a problem. However, there are several things you can do to improve it.
The password in question should be long and random. It's only used by a program; why should it be easy to read?
I generally apply small obfuscations to such password, particularly if they are not long and random for some reason (such as them being also used by humans). The reason is to prevent someone looking over my shoulder from suddenly knowing the password. Mild screening is useful anytime you're going to put a password in a script.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I'll be using a shared Internet connexion starting this September at my school and I was wondering about what someone sniffing traffic with Wireshark may find there. I am not planing to do this myself but I feel I ought to know more about it if I want to sometimes work on my website during class.
Basically, isn't every non-SSL website that asks you for a password and an e-mail totally unsecure to log on on a shared connexion? When you know how many people use the same password for all their web/laptop/mobile accounts, it doesn't take long to get access to someone's all private data if you manage to sniff one password and e-mail.
As for me, I am already looking at how to secure my FTP connexions, but what about my users who log through HTTP? Unless I buy a SSL certificate (which I don't want, the site's too small), they are going to get more exposed to Wireshark sniffers all over the world, right? Isn't this where login tools such as OpenID become handy for small communities, since they do provide a free encryption of passwords?
OpenID and SSL are completely unrelated. OpenID's purpose is to consolidate and give ownership of a user's identity to the user, while SSL is used to keep a user's traffic with your site secret (encrypted). You can use OpenId to keep track of the user (like Stackoverflow does) and still not use SSL for the content pages.