Ssh Public Key Access for Root

[vitex]

The ssh server in the openssh.tcz package permits root access using public key (and password) authentication.

The configuration of the dropbear ssh server prohibits all ssh access by root.  I suggest that the "-w" be removed from the dropbear server's options so the user root can use public key authentication for ssh access.

The following script shows that (pubic key) ssh access by user tc is sufficient to remove the "-w" option (or do anything as else root)

Code: [Select]

#!/bin/sh

# Execute the in-line script as user tc.
ssh tc@$1 <<'EOF'

# Copy the authorized keys to root's home directory.
  sudo mkdir -p /root/.ssh
  sudo cp .ssh/authorized_keys /root/.ssh/

# Modify the dropbear options to permit root access using public keys.
  sudo sed -i '/OPTIONS=/ s:-w ::' /etc/init.d/dropbear

# Retart the dropbear server.
  sudo /etc/init.d/dropbear restart
EOF

# Test public key access for root.
ssh -q root@$1 id

so the "-w" does not seem to be doing any good.

[^thehatsrule^]

I don't think there is a general need for remote root access?  In general, I think most would avoid being root interactively.

[danielibarnes]

I don't think there is a general need for remote root access

I agree as well. If you desire root access, it is very simple to modify the /etc/init.d/dropbear script and add it to your mydata.tgz backup file. You can even call the dropbear script from /opt/bootlocal.sh during startup if you wish. I do something similar myself.  I customize it to disable password logins for even non-root on some systems and use key authentication only.

[vitex]

I build extensions using ssh access to the root account on a Micro Core virtual machine.  I use scp (over ssh) to transfer scripts to the virtual machine.  I use ssh to run those scripts as root and to monitor the results.  I use scp to bring the packaged extensions back to the host machine.

The script in the original message demonstrates that the dropbear "-w" option does not prevent root access over ssh if user tc has access over ssh.  With that script, someone can convert ssh access as user tc into ssh access as root.  Alternatively, someone who has ssh access as user tc can install openssh, whose configuration does not prohibit root access.

I use remastered Micro Core ISOs that restrict all ssh access to public key authentication, so this is really not a big issue to me.  It just seems to me that the dropbear "-w" option really serves no purpose given the current Tiny Core security model.

[danielibarnes]

Ah, sorry. I misunderstood. You are essentially saying that using sudo or installing openssh allows one to bypass the security options of dropbear. The use of sudo without a password means that the tc user is essentially the root user. Therefore, to secure a TC system, one must secure access to the tc user. You accomplished this by using key authentication for remote access. Securing local access is accomplished by simply assigning the tc user a password.

I think your point is valid. I will add it to the "Security" wiki page. While the "-w" may serve no purpose, though, it certainly does no harm.