0

Some of the comments on this post here: https://superuser.com/q/1034137/479461 are claiming this.

i.e. this one says (emphasis mine)

You got brute forced. This is why one does not leave a ssh server on the internet, even if you have a password. Anything short of key based auth is not secure enough these days.

– Journeyman Geek♦

I asked in a comment for clarification if they accidently are talking by "key authentification" about the keys of a keyboard. But got not even a response yet.(So since my private server actually has ssh root acces with an 2048bit encoded public/private key pair and thought it to be save, I'm a bit worried by this claim of an diamond user now...)

So:

Is there anything to worry about using a 2048bit encoded key pair (as Journeyman Geek♦ claims) for ssh authentification as root, in case we assume no one has acces to the private key except me?

Community
  • 1
Zaibis
  • 711
  • 1
  • 4
  • 16
  • 4
    it's a trap, don't listen to @JourneymanGeek, he's only a Journeyman, you need a master level geek like Tom Leek. Incidentally "anything short of " means "anything less than " and thus "anything less than using key based authentication (not talking about the keys on your keyboard) is not secure enough these days" – kalina Feb 03 '16 at 10:17
  • 1
    @kalina ahhhhh oh so it was a fail in my english skills facepalm – Zaibis Feb 03 '16 at 10:20

1 Answers1

4

Key authentication (using a cipher key, not a physical key) is a secure way to authenticate. Only your machine should have the private key needed to complete the key pair and thus authenticate.

Password authentication (using physical keys on a keyboard) is considered insecure since it can be brute-forced or someone looking over your shoulder when you type it can easily get ahold of it.

Furthermore, allowing logging in as root over SSH is considered bad practice. There is a seperate directive in the sshd config called PermitRootLogin, which is by default set to no. You should keep it that way. You should never directly login as the root user, but rather login as a local user and then switch to root using the su command or run a single command as root using sudo (given you are in the sudoers file), but only when you actually need it.

There are too many reasons not to login as root directly to list here, but for example's sake one important reason for this is that you cannot do any proper auditing on your system. When logging in as a local user first, you can then always check the logs and see who logged in prior to becoming root and thus who is "behind the root mask". Also, when using sudo, each command and the user that issued it are logged (by default). Logging in directly as root does not tell you which user ran specific commands and makes it hard to track down who did what on your system.

Oldskool
  • 420
  • 2
  • 10
  • I'm aware of it beeing bad practice and wouldn't do so on a production system. But by comparing the use to the risk on that machine I decided to do so. But note: I fully aggree with you. – Zaibis Feb 03 '16 at 10:26