WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: looking for suggestions as to how to prevent escalation to root in ssh  (Read 3799 times)

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
Can someone suggest a simple way to prevent a remote ssh login (to the dropbear ssh server) from escalating to root without a password. I thought simply changing the sudoer for tc to "require a password" would do the trick but that screws up the tc x environment and of course gives up the convenience of sudo su. Any advice?
big pc man

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11049
Re: looking for suggestions as to how to prevent escalation to root in ssh
« Reply #1 on: February 12, 2009, 09:43:05 AM »
Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.
The only barriers that can stop you are the ones you create yourself.

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
Re: looking for suggestions as to how to prevent escalation to root in ssh
« Reply #2 on: February 12, 2009, 01:24:55 PM »
Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.
Silly me, I didn't realize tinycore had multiple user support. I thought the default tinycore configuration was like the frugal dsl linux version which from what I recall did not have full multi-user support. I know - I should have just tried it.
« Last Edit: February 12, 2009, 01:55:23 PM by bigpcman »
big pc man

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11049
Re: looking for suggestions as to how to prevent escalation to root in ssh
« Reply #3 on: February 12, 2009, 05:34:32 PM »
Well, TC does not have local multiuser, but via SSH things work fine.
The only barriers that can stop you are the ones you create yourself.