Am I wrong?īeyond what suggested in the comments above you could setup a dedicated SSH key pair just for this activity and add them to the root user's /root/.ssh/authorized_keys file limiting their scope to just a single command. This seems to be the same effect as using sudo to me. Should I concern myself with this when using Key based authentication or is this a trivial difference in security/logging? It seems like Key based authentication records user's serial number in the logs, and you can have multiple keys for the root user to identify each user. It seems to be a best practice to require login as a non-root user and then require use of sudo since the logs will record who was given escalated privileges for each command. I didn't understand how to use sudo and SFTP at same time. Currently, I use root user login directly, but password login is disabled. I understand how to do SSH Tunneling to admin the system services. I need this to work with Mac connecting to Ubuntu as well. Is there a way to keep sudo & key authentication. If the system requires sudo to perform root level commands, How do I get around this?Ĭan I create a way of bypassing sudo for SFTP only? I'm using SSH Key based authentication - rsa key on smart card.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |