Koozali.org: home of the SME Server

Hardening SME next Release 8?

linuxhelp
« on: November 12, 2011, 03:14:53 AM »
Hi@All

I have used SME for two years, but in my opinion there should be a way to disable root,
and by default there should be a special account to reboot/shutdown the server via
ssh or console. Against handling mistakes to get a offline engine.

- do you agree? how to customize useful?
- ssh should block reboot+shutdown+ /sbin/init commands by default.

« Last Edit: November 12, 2011, 03:17:31 AM by linuxhelp »
Linux PC & Server Support
http://www.linuxonlinehelp.de
.. i Love SME..

cactus
« Reply #1 on: November 12, 2011, 01:45:32 PM »
I disagree, if you are concerned about security of your root account you can easily set up public/private key pairs and secure your root login, see http://wiki.contribs.org/SSH_Public-Private_Keys. I see no reason to revoke certain privileges or disable commands. If you do not feel safe handing out the root user or using the root privileges then create a lower privileged account and use that.
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

janet
« Reply #2 on: November 13, 2011, 12:36:43 AM »
linuxhelp

Standard Linux best practice is to NOT use root for admin tasks etc, but to create another user with suitable rights and use the su command.

You can monitor your server and if any root user activity is seen, then you know it is likely to be a hacker.

Unfortunately many people still use root as they do not understand why they should not use root (i.e. for improved security reasons).
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.
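
An added example, not part of the post above or of SME Server itself: one way to do the monitoring janet describes, flagging root logins, su sessions to root and sudo-as-root commands in auth log lines. The log formats are assumed from common OpenSSH, PAM and sudo output, and the function name, host name, users and sample lines are constructed for illustration.

```python
import re

# Assumed syslog formats (OpenSSH, PAM su, sudo); adjust the patterns to
# match what your own /var/log/secure actually contains.
PATTERNS = [
    ("ssh_login", re.compile(
        r"sshd\[\d+\]: Accepted (?P<method>\S+) for root from (?P<src>\S+)")),
    ("ssh_failed", re.compile(
        r"sshd\[\d+\]: Failed (?P<method>\S+) for root from (?P<src>\S+)")),
    ("su_to_root", re.compile(
        r"su(?:\[\d+\])?: pam_unix\(su(?:-l)?:session\): session opened "
        r"for user root by (?P<actor>[^\s(]*)")),
    ("sudo_as_root", re.compile(
        r"sudo(?:\[\d+\])?:\s+(?P<actor>\S+) : "
        r".*USER=root ; COMMAND=(?P<cmd>.+)$")),
]

# Constructed sample lines (documentation IP ranges, made-up users).
SAMPLE_LOG = """\
Nov 13 00:39:10 sme sshd[2201]: Accepted password for bob from 192.0.2.11 port 51300 ssh2
Nov 13 00:40:01 sme sshd[2211]: Accepted publickey for root from 192.0.2.10 port 51234 ssh2
Nov 13 00:41:12 sme sshd[2215]: Failed password for root from 198.51.100.7 port 40022 ssh2
Nov 13 00:45:30 sme su: pam_unix(su-l:session): session opened for user root by alice(uid=500)
Nov 13 00:50:02 sme sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/sbin/shutdown -r now
"""

def find_root_activity(lines):
    """Return one dict per log line that shows activity as root."""
    events = []
    for line in lines:
        line = line.rstrip("\n")
        for kind, pattern in PATTERNS:
            match = pattern.search(line)
            if match:
                # The first 15 characters of a classic syslog line are the timestamp.
                events.append({"kind": kind, "when": line[:15],
                               **match.groupdict()})
                break
    return events

if __name__ == "__main__":
    for event in find_root_activity(SAMPLE_LOG.splitlines()):
        print(event)
```

The non-root login for bob is ignored; every other sample line is reported with its timestamp and the source address, acting user or command.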

CharlieBrady
« Reply #3 on: November 14, 2011, 12:31:18 AM »
Against handling mistakes to get a offline engine.

I don't know what you mean by "get a offline engine" - what problem are you trying to solve? If the problem is that Ctrl-Alt-Delete causes a reboot, then you can solve that by physical security of the server (which is highly recommended anyway), or by disabling the reboot via a configuration database change.

CharlieBrady
« Reply #4 on: November 14, 2011, 12:32:04 AM »
- ssh should block reboot+shutdown+ /sbin/init commands by default.

It does. 'root' access via ssh is disabled by default, and those commands are only available to 'root'.

linuxhelp
« Reply #5 on: November 14, 2011, 12:23:57 PM »
Hello@ALL

Sorry for my bad English,

@Charlie, sometimes I log into one of my engines at night to run a command as root (because admin always opens the console tool).
If my eyes are bad, I do a remote shutdown on another server than the one I want to stop. My first step was to disable init
in .bashrc: alias init='echo no!'

It may be a good idea to have a special account only for shutdown and reboot, and this should only have access to all reboot+init commands.
This was discussed at the Ubuntu server forum too, but they tried to handle it with PolicyKit rules.

do you agree?

CharlieBrady
« Reply #6 on: November 14, 2011, 12:41:53 PM »
do you agree?

No. If you don't trust yourself to run commands as root, don't log in as root. Just use the server-manager and admin console.

A reboot is not such a harmful thing anyway; just a short outage.