Tiny Core Linux

Tiny Core Base => TCB Q&A Forum => Topic started by: bigpcman on February 11, 2009, 07:41:08 PM

Title: looking for suggestions as to how to prevent escalation to root in ssh
Post by: bigpcman on February 11, 2009, 07:41:08 PM

Can someone suggest a simple way to prevent a remote ssh login (to the dropbear ssh server) from escalating to root without a password. I thought simply changing the sudoer for tc to "require a password" would do the trick but that screws up the tc x environment and of course gives up the convenience of sudo su. Any advice?

Title: Re: looking for suggestions as to how to prevent escalation to root in ssh
Post by: curaga on February 12, 2009, 06:43:05 AM

Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.

Title: Re: looking for suggestions as to how to prevent escalation to root in ssh
Post by: bigpcman on February 12, 2009, 10:24:55 AM

Quote from: curaga on February 12, 2009, 06:43:05 AM

Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.

Silly me, I didn't realize tinycore had multiple user support. I thought the default tinycore configuration was like the frugal dsl linux version which from what I recall did not have full multi-user support. I know - I should have just tried it.

Title: Re: looking for suggestions as to how to prevent escalation to root in ssh
Post by: curaga on February 12, 2009, 02:34:32 PM

Well, TC does not have local multiuser, but via SSH things work fine.