ssh securelogon?

ftornell · 2009-12-14 13:51:25

Hi,
Is all communication with an opensshd exnrypted? Imean both the handshake (authentication) and then all key strokes?
Or is it recommended to log on as a user and then do sudo or su afterwards?

.:B:. · 2009-12-14 14:04:10

You shouldn't use SSH as root. Bad practice, bad mojo.

I don't think everything is encrypted, but from the moment you're authenticated everything is. Initial authentication is clear text afaik, something SSH keys remedies.

ftornell · 2009-12-14 14:32:53

ok, so "best-practice" is to first log on as a regular user and then do the sudo stuff since its encrypted from the moment I logged on.

Last edited by ftornell (2009-12-14 14:35:38)

tomk · 2009-12-14 15:35:26

No - as B already said, best practice is to use ssh keys.

B - you have to be less subtle.

.:B:. · 2009-12-14 15:54:13

Well either that or I was being fuzzy again, I just don't know it anymore .

quarkup · 2009-12-14 22:51:35

you will be more protected if you change the door of the ssh daemon (server)
then just use keys and passsword to non-root users

actually its better to create a single user to use the ssh service so you get 'double' protection and keep your data secure even if you give the ssh key to 3rd parties or if something wrong happens.

after logged in, you just need to do

su <user>
(then you input your user password)

then use sudo as your user or even sudo su again to get root access..

Arch Linux

#1 2009-12-14 13:51:25

ssh securelogon?

#2 2009-12-14 14:04:10

Re: ssh securelogon?

#3 2009-12-14 14:32:53

Re: ssh securelogon?

#4 2009-12-14 15:35:26

Re: ssh securelogon?

#5 2009-12-14 15:54:13

Re: ssh securelogon?

#6 2009-12-14 22:51:35

Re: ssh securelogon?

Board footer