>only logging in as root is dangerous!
>>52099086
is kinda is though
>>52099086
I like to live dangerously. :^)
Never understood why everyone is against using root login with password over ssh
> bruteforcing over network is slow.
> dictionary attack has no effect against unique passwords
> fail2ban
What am I missing /g/?
>>52099214
I do exactly this
ssh as root
decent password
fail2ban setup
>so mad about this he actually made a new thread
jesus christ
>>52099086
Class is subjective. The conventional term involves having a worthwhile career, expensive suits and a beautiful wife waiting at home. This fedora tipper has none of that, he is just plain salty.
>>52099214
>have a keypair
>it just werks
arch fedora spotted
>>52099214
public key is more comfy
>>52099637
Harder to set up.
This is coming from someone that just learned how to do some crap with gpg.
>>52099652
not really. you generate the key pair once, which takes maybe 5 minutes if you know nothing about the subject and have to research everything.
after that, it's just pasting a string into a file for every box.
>>52099678
Funny, I thought you could set up SSH to auto-login with just public key authentication. I've heard of people doing it
>>52099086
You should never log in as root unless it's absolutely necessary.
>>52099698
You can, with ssh-agent.
>>52099086
>what is "sudo"?
>>52099086
people who are only use root are just too retarded to configure sudo
>>52102237
this
>not having control over your own system
>scared some hackerman is going to physically sit down at your system and hackerman it
>>52102401
>sudo JUST
was that hard for your UAC-disabled mind?
>>52102468
>having to sudo when you could just log in as root
???????????????
You shouldn't login as root ever basically. There are very few applications that actually need to be run with root privileges and if you come across one you can just use sudo. For the 99% of applications out there run them as regular user, it protects the OS from damage both malicious and not.
Obviously if your computer gets fucked and you're left in single user mode then whatever but generally there's no reason for that to happen.
Really fast and stupid question. When you log via ssh to your machine without priv/pub keys your password is it send in plain text ?
>>52103028
I'm pretty sure the password goes through ssh, which is encrypted.
Could be wrong though so feel free to correct me
>>52099086
It is.
Hey fags do logical volumes have uuids?
>>52099086
A real man just do "chmod -R 777 /*".
>>52103028
ssh = "secure shell". Yes it's encrypted.
>>52102485
>accidentally deleting important root files, when you try to delete files from your /home directory`
>>52099086
is that rocco?
>>52099698
>ssh-keygen
>ssh-copy-id [email protected]
>ssh [email protected]
>>52103028
>>52103209
>>52103096
Through Diffie-Hellman algorithm ssh can encrypt the connection without having to send information over insecure channels.
priv/pub keys or passwords are only used for authentication.
>>52099652
>just learned how to do crap in gpg
>hardssh-keygen -b 4096
also, use GPA
I log in as root over ssh using encrypted keys and a strong password as my login. Is this a big deal? I also log in as root on my laptop just because I hat using sudo
what is the point in generating key pairs if you still need a password?
>>52104691
Like how is it any more secure if you still have a password login
>>52104691
only people with the allowed keys can login
you need the password to unlock the key, so any random asshole with the right key can't log in w/o he password
>>52099652
Literally pasting your public key fingerprint in authorized_keys in your .ssh
Password auth is retard tier and is asking for a chinese cracker to eventually crack your system
>>52104691
I do it just in case someone gains assess to my laptop that way they can't just ssh into all my boxes
is that picture real or did someone paste that text over it?
either way it makes me want to kill myself
Here's a picture of a stack of rocks to balance out the faggotry in this thread
>>52104664
You can use root anytime you want mang
Its just that its a big security hole to be God all the time. Might as well delegate your powers to a lower level user, with sudo powers.
Operating in root is fine, but I wouldnt use root to deploy services, do simpl adminstration with it
Is it a bad idea to login as root via sftp to edit files in /etc? Yes, I use public keys.
>>52103515
Files in your /home directory often cannot be replaced. Pic semi related.
why would anyone need sudo on a single user box?
>$ sudo su
>#
>>52104727
>>52104727
>>52104766
Password for your remote user account, not the password to encrypt your private keys
>>52104883
>Autologin
>No 2FA wherever possible
>Friends
>>52104883
xkcd comic misses the point. The root user has access to all of those things plus the personal information of everyone else on the machine as well. The root user can also run their own services to gather even more information if necessary.
>>52105875
>plus the personal information of everyone else on the machine as well
Most personal machines are only used by 1 user.
>The root user can also run their own services to gather even more information if necessary.
Such as? If everything of importance is on the user account, what's a root-level takeover going to do?
>>52105733
all this, christ.
>>52105920
On *nix it's common to run high risk processes in their own user account if not in a chroot jail. xkcd comic problem could be mitigated if he ran separate user account for his bank/paypal needs and then somehow sorted his pictures so important ones are stored off of the computer on an external.
>>52099214
So what happens when you run into a website or software which attempts to exploit your system?
If successful then attacker has managed to run code on a system with root access.
So they reverse shell you. Now they have root access in a shell. Now they have access to literally every single thing on your system.
By running as standard user you add a layer of security that protects you against your own stupidity. It allows you to configure and manage multiple levels of access to the system, who can sudo, what level certain programs run at.
It's just good practice.
>this is why windows is so pwnable
>everyone runs as admin and doesn't update their shit.
Tl;dr running as root is retarded.
>>52099214
jupp have this too exactly like this. Today /g/ seems to contain its antirootautism
>>52099086
>he thinks that linux is only installed on single user systems
There's a world beyond your arch box in your basement.
>>52106448
There is no good reason to run as root, "muh convenience" is not a valid excuse.
>>52106804
Cowboy coding is almost always done in root.
>>52106911
Want me to tell you how I know you have no idea what you're talking about?
>>52106365
Also to do sudo you must enter a password, that way just getting code to run as a specific user isn't enough to totally pwn the system (without further exploitation at least)
