Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re^7: [OT] A New Everything ?

by afoken (Canon)
on Sep 21, 2020 at 20:36 UTC ( #11122034=note: print w/replies, xml ) Need Help??


in reply to Re^6: [OT] A New Everything ?
in thread [OT] A New Everything ?

$ ssh root@206.189.67.44 root@206.189.67.44's password: Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-45-generic x86_64)

That should not work. Really, disable root login, or at least setup public key authentication. You really, really, really don't want a password-based root login on anything reachable from the internet, not even when you use SSH. Generally, create an unprivileged user, make sure that user can use sudo (member of sudo or wheel group, depending on Linux distribution), and disable root login via ssh.

In /etc/ssh/sshd_config, set PasswordAuthentication no to completely disable login with passwords, and set PermitRootLogin no.

See also Greetings and salutations | sudo.

Q2) (No question too stupid, right) If I'm loggged in as root, do I use sudo on my commands?

Generally, you should not work as root, but instead use sudo. If you work as root, sudo is redundant, it just wastes CPU cycles.

Oh, and by the way: sudo su is still around in far too many HOWTOs. You do not need su at all, uninstall it. Use sudo -i if you insist on getting an interactive root shell. Use sudo -e somefile to edit a file as root.

Q3) How do I keep tally and track of robots that want to knock on my door?

Depends on your provider. The easiest way is to ignore them and let your provider deal with them.

Another quite easy way is to use fail2ban. It works especially well if your home (or office) uses a fixed IP address that is permanently whitelisted, that allows a very aggressive blacklisting of any system trying to access your server.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Replies are listed 'Best First'.
Re^8: [OT] A New Everything ?
by marto (Cardinal) on Sep 21, 2020 at 20:58 UTC
Re^8: [OT] A New Everything ?
by Aldebaran (Deacon) on Sep 22, 2020 at 06:24 UTC

    I've been through this a couple times now, and I've managed to lock myself out twice. So, now I'm trying to follow instructions carefully.

    create an unprivileged user
    root@third:~# useradd fred root@third:~# passwd fred New password: Retype new password: passwd: password updated successfully root@third:~# usermod -aG sudo fred root@third:~# groups fred

    I thought the point here was that I was to log out as root and back in as fred. I get nothing that way:

    root@third:~# exit logout Connection to 143.110.153.42 closed. $ ssh fred@143.110.153.42 fred@143.110.153.42: Permission denied (publickey). $

    After the useradd, I go in, and there's nothing in home. That doesn't make sense to me.

    Oh, and by the way: sudo su is still around in far too many HOWTOs. You do not need su at all, uninstall it. Use sudo -i if you insist on getting an interactive root shell. Use sudo -e somefile to edit a file as root.

    Okay, copy that.

    root@third:/# which su /usr/bin/su

    Is that as easy as

    rm /usr/bin/su

    Thanks for your explanations and advice.

      I thought the point here was that I was to log out as root and back in as fred. I get nothing that way:

      root@third:~# exit logout Connection to 143.110.153.42 closed. $ ssh fred@143.110.153.42 fred@143.110.153.42: Permission denied (publickey). $

      It seems fred lacks his public key in the file ~fred/.ssh/authorized_keys. You need to upload that before blocking password logins, e.g. using ssh-copy-id, add add it to the autorhized_keys file. Once that is set up, you should be able to log in using the public key.

      Is that as easy as

      rm /usr/bin/su

      Yes and no. It does remove su, but you are supposed to uninstall the entire package, e.g. using apt-get remove package-name on Debian-based distributions. The package name depends on the distribution. On Ubuntu, it's in util-linux, and you really don't want to uninstall that package. Just leave su as is. It won't hurt for now.

      After the useradd, I go in, and there's nothing in home. That doesn't make sense to me.

      Home is supposed to be empty, or a copy of /etc/skel/. How should the operating system know what you want to put there?

      Alexander

      --
      Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

        "Home is supposed to be empty, or a copy of /etc/skel/. How should the operating system know what you want to put there?"

        Aldebaran is telling you that /home/fred does not exist.

        marto@Marto-Desktop:~$ sudo useradd fred [sudo] password for marto: Sorry, try again. [sudo] password for marto: marto@Marto-Desktop:~$ sudo passwd fred New password: Retype new password: passwd: password updated successfully marto@Marto-Desktop:~$ ls -al /home total 12 drwxr-xr-x 3 root root 4096 May 12 15:05 . drwxr-xr-x 20 root root 4096 May 12 15:04 .. drwxr-xr-x 56 marto marto 4096 Sep 23 10:32 marto marto@Marto-Desktop:~$ su - fred Password: su: warning: cannot change directory to /home/fred: No such file or di +rectory $ ^C

        As previously stated useradd was not being called with the correct arguments to create /home/fred, which would have been useradd -m fred thus creating the directory and copying the files from /etc/skel.

      That isn't how you are supposed to use useradd (deprecated in favor of adduser, see man useradd), you didn't pass the appropriate flags. Don't delete sudo or su, maintain the sudoers to allow/deny programs.

      It might be a good idea to read the Debian Administrator's Handbook by RaphaŽl Hertzog and Roland Mas, available as the debian-handbook package or on its own website. I know you are using Ubuntu, but as a Debian derivative it should be comparable for the purposes of system administration.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://11122034]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (5)
As of 2020-11-26 21:27 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?