Comment

Comment on Do I Need to Harden SSH over Tor?

captain_aggravated@sh.itjust.works ⁨7⁩ ⁨months⁩ ago

Playing with a Raspberry Pi inside my own home network with nothing important going on and I turned the Pi off when I’m done. Like why worry about it at that point?

source

Sort:hotnew top

Acters@lemmy.world ⁨7⁩ ⁨months⁩ ago
Yes, but I usually add my public key to the authorized_keys file and turn off password authentication once i do login with a password. On top of that, I have a sshpass one line command that takes care of this for me. It’s much easier than trying to manually type a password for the next time. I save it and just run it every time I think about using password login. Next time I need to ssh, I know the password login is not necessary.

sshpass -p ‘PASSWORD’ ssh USER@IP.ADDRESS “echo ‘cat ~/.ssh/id_rsa.pub’ > ~/.ssh/authorized_keys && echo ‘Match User !root PasswordAuthentication no Match all’ > /etc/ssh/sshd_config’ && exit” && ssh USER@IP.ADDRESS

At the next reboot, your system will now only accept key logins, except for root. I hope the root user password is secure. I don’t require it for root because if a hacker does gain shell access, a password(or priv esc exploit) is all they need to gain root shell. It is also a safety net in case you need to login and lost your private key.

source
marcos@lemmy.world ⁨7⁩ ⁨months⁩ ago
Yeah, that’s not a good reason.

It’s much easier to authorize a key than to input your password on every kind of interaction.

source