On 11/10/2015 04:11 PM, waben...@gmail.com wrote: > > You can disable password login for that user on the server. Then he > can only login via ssh key. Only with the knowledge of the root > password it is not possible to gain root access to the server. An > attacker also needs the ssh key. And with a camera, keylogger, or > measuring radiation he can not fetch that key. >
This is pretty close to what I originally asked for, thank you. If you disable all password logins to the server AND disable remote root logins altogether, then you can stop someone from gaining root by peeking over your shoulder as you type. Unless they bash you over the head and swipe your laptop. But still, I'll take it.
