On a server I have a public key auth only for root account. Is there any point of logging in with a different account?

  • lordnikon@lemmy.worldEnglish
    221·
    7 days ago

    Yes it’s always better to login with a user and sudo so your commands are logged also having disable passwords for ssh but still using passwords for sudo gives you the best protection

    • Lemmchen@feddit.orgEnglish
      7·
      7 days ago

      Sudo also allows for granular permissions of which commands are allowed and which aren’t.

    • grrgyle@slrpnk.net
      6·
      6 days ago

      Also double check that sudo is the right command, by doing which sudo. Something I just learned to be paranoid of in this thread.

      Unless which is also compromised, my god…

      • sludgewife@lemmy.blahaj.zoneEnglish
        3·
        6 days ago

        which sudo will check $PATH directories and return the first match, true. however when you type sudo and hit enter your shell will look for aliases and shell functions before searching $PATH.

        to see how your shell will execute ‘sudo’, say type sudo (zsh/bash). to skip aliases/functions/builtins say command sudo

        meh nvm none of these work if your shell is compromised. you’re sending bytes to the attacker at that point. they can make you believe anything

          • sludgewife@lemmy.blahaj.zoneEnglish
            2·
            6 days ago

            no, if the attacker can change files in your account, they can read every byte you type in and respond with anything, including pretending to be a normal shell. im not sure how to prevent ssh from running commands in your shell