Dale <rdalek1...@gmail.com> wrote:

> Michael Orlitzky wrote:
> > On 11/10/2015 04:11 PM, waben...@gmail.com wrote:
> >> You can disable password login for that user on the server. Then
> >> he can only login via ssh key. Only with the knowledge of the root
> >> password it is not possible to gain root access to the server. An
> >> attacker also needs the ssh key. And with a camera, keylogger, or
> >> measuring radiation he can not fetch that key.
> >>
> > This is pretty close to what I originally asked for, thank you.
> > If you disable all password logins to the server AND disable remote
> > root logins altogether, then you can stop someone from gaining root
> > by peeking over your shoulder as you type.
> >
> > Unless they bash you over the head and swipe your laptop. But still,
> > I'll take it.
> >
> >
> >
> 
> Now I'm curious.  Just how often does all this stuff take place?   I
> figure when hackers attack, they go straight for root access anyway.
> If that access is disabled then they will never get in, no matter how
> long they try.  From what little I know, even if they have the root
> password they still can't get in unless they also have the other user
> account to login with first. 

A server is called a server because it has something to
serve. ;-) If these services (web, ftp, mail, file or whatever else)
are accessible through a public network (Internet, Intranet, WLAN)
then attackers are looking for vulnerabilities in these services.
Often they use exploit kits like Blackhole for that. If they find a
vulnerability, they try to exploit it. Whether the attackers are
successful or not also depends on how well the server is hardened,
that means how well it is protected against such vulnerable services.

There are different mechanisms for such protections. For example,
simple chroot() jails or, much more complex, access control systems
like AppArmor and SELinux for isolating services, and SSP and PaX for
protection against stack- and buffer-overflow-based exploits.

--
Regards
wabe
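
The two settings discussed in this thread (no password logins, no remote
root login) can be checked in an sshd_config with a small audit script.
This is an added example, not part of the original messages. It assumes
stock OpenSSH keyword names and defaults, does not follow Include
directives, and the sample configs are constructed.

```python
# Added example: audit sshd_config text for "no password logins" and
# "no remote root login". Sample configs below are constructed.

# Assumed OpenSSH defaults when a keyword is absent (verify in sshd_config(5)).
DEFAULTS = {"passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes",
            "permitrootlogin": "prohibit-password"}
# Older name for the keyboard-interactive switch (PAM can ask for a password).
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
WANTED = {key: "no" for key in DEFAULTS}

def audit(text):
    """Return a list of findings; an empty list means both goals are met."""
    seen, findings, match = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace or a single '='.
        parts = line.replace("=", " ", 1).split()
        key = ALIASES.get(parts[0].lower(), parts[0].lower())  # case-insensitive
        if key == "match":
            match = " ".join(parts[1:])  # everything after this is conditional
            continue
        if key not in WANTED or len(parts) < 2:
            continue
        value = parts[1].lower()
        if match is None:
            seen.setdefault(key, value)  # sshd keeps the FIRST value it reads
        elif value != WANTED[key]:
            findings.append(f"Match {match}: {key} {value}")
    for key, want in WANTED.items():
        value = seen.get(key, DEFAULTS[key])
        if value != want:
            findings.append(f"global: {key} {value}")
    return findings

HARDENED = """PermitRootLogin no
PasswordAuthentication no
KbdInteractiveAuthentication no
"""
WEAK = """PermitRootLogin no
PasswordAuthentication no
Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit(cfg) or "OK")
```

On a live server, running the same checks against the output of `sshd -T`
covers included files and compiled-in defaults as well.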
