On Wed, Jun 14, 2006 12:38:51 PM -0500, Les Mikesell (lesmikesell@gmail.com) wrote:
On Wed, 2006-06-14 at 18:56 +0200, M. Fioretti wrote:
I've read on several howtos that one way to make ssh more secure, or at least reduce the damage if somebody breaks in, is to NOT allow direct ssh login from root, but allow logins from another user. So you have to know two passwords in order to do any real damage.
[...]
Normally you would want people to use their own account for the initial login - and to use good passwords so a dictionary attack isn't likely to work.
I agree, but normal users have no reason to exist on that particular box. It is a web and email server, nothing more. Even email is handled via virtual users.
If I create another Unix account (my_aux_login), it will only be so I can disable ssh directly as root and then ssh into the box with that login, to immediately su to root for system administration. So my original question means:
(must I)/can I reduce as much as possible the privileges/access rights of the my_aux_login account? so that if somebody breaks _its_ password, it won't be able to do anything, including browsing around to see what's installed?
If yes, how?
Marco