Linked by Igor Ljubuncic on Mon 2nd Apr 2012 15:41 UTC
Features, Office You have just bought tickets to an exotic vacation spot. You board the flight, you land safely, you pull your netbook from your backpack, fire it up, and then check if there are any available Wireless networks. Indeed there are, unencrypted, passwordless, waiting for you. So you connect to the most convenient hotspot and start surfing. Being addicted as you are, you want to login into your email or social network just to check if something cardinal happened in the world during your four-hour flight. You're about to hit the sign in button. Stop. What you're about to do might not be safe.
Permalink for comment 512833
To read all comments associated with this story, please click here.
rhavenn
Member since:
2006-05-12

"SSH should be setup to not allow root logins: PermitRootLogin no (I have no idea why this still isn't the default)"

Being able to rsync over SSH as root can be very convenient since rsync via user accounts doesn't preserve ownership. Do you know of an alternative?


Yes, use: without-password for the PermitRootLogin and passwords will be disabled, but you can use keys. Your rsync is most likely setup with keys anyway that don't have passwords set for them, if it's a automated type of solution.

Reply Parent Score: 1