[SLL] sharing superuser account is always bad policy, right?
Derek Simkowiak
dereks at realloc.net
Fri Feb 6 11:55:22 PST 2009
Phil,
Their mea culpa notwithstanding, they still store customer passwords
in plaintext, which is (in my opinion) enough reason to drop them. They
should store an MD5 or SHA hash, and that's it.
If somebody cracks their ultra-secure Microsoft SQL Server database
that holds all their customer passwords, your root password will be
compromised (along with everyone else's).
The fact that they use passwords to do root maintenance -- instead
of SSH keys -- is a major red flag. What if their employee Joe The
Administrator gets fired? Will he take retribution on your server
(since he happened to know your root password from working on it
before)? Will they ask you to reset your root password anytime an
employee gets fired? If they were using SSH keys, they could just
delete Joe's public key from /root/.ssh/authorized_keys and not have to
worry about it.
Here's a little experiment: set up a box with SSH listening on port
22, and make it accessible from the Internet. Within a few hours
(usually a few minutes) you'll start seeing dictionary password attacks
in your log file. Those dictionary attacks will trickle in ad
infinitum. (A group of developers in Germany told me they see the same
thing over there, too.)
--Derek
On 02/06/2009 10:22 AM, Phil Mocek wrote:
> [...snip...]
> Someone from their tech support department followed up with an
> apology for their request to have me send the root password via
> e-mail and wrote:
>
> [...snip...]
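Two of the points in Derek's message lend themselves to a concrete check: spotting the password dictionary attacks he says show up in the log file, and revoking a departed administrator's key from authorized_keys instead of rotating a shared root password. The following is an added example, not code from the thread; the sshd log lines and the authorized_keys entries are constructed samples with placeholder key material, and the threshold of five failures is an arbitrary assumption.

```python
import re
from collections import Counter

# Constructed sshd log lines in syslog format (not real data). One source,
# 198.51.100.7, cycles through common usernames; a real user fails once and
# then succeeds with a key; one root login succeeds by password.
SAMPLE_AUTH_LOG = """\
Feb  6 11:40:01 host sshd[2101]: Failed password for root from 198.51.100.7 port 51012 ssh2
Feb  6 11:40:03 host sshd[2101]: Failed password for root from 198.51.100.7 port 51012 ssh2
Feb  6 11:40:05 host sshd[2103]: Failed password for invalid user admin from 198.51.100.7 port 51020 ssh2
Feb  6 11:40:07 host sshd[2105]: Failed password for invalid user oracle from 198.51.100.7 port 51031 ssh2
Feb  6 11:40:09 host sshd[2107]: Failed password for invalid user test from 198.51.100.7 port 51044 ssh2
Feb  6 11:41:12 host sshd[2110]: Failed password for derek from 203.0.113.9 port 40222 ssh2
Feb  6 11:41:20 host sshd[2110]: Accepted publickey for derek from 203.0.113.9 port 40222 ssh2
Feb  6 11:42:00 host sshd[2115]: Accepted password for root from 192.0.2.44 port 3300 ssh2
"""

FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)
ACCEPTED_RE = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\w+) for (?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def failed_logins_by_source(log_text):
    """Count 'Failed password' events per source IP address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            counts[m.group("ip")] += 1
    return counts


def dictionary_attack_sources(log_text, threshold=5):
    """Source IPs with at least `threshold` failed password attempts (threshold is an assumed value)."""
    by_ip = failed_logins_by_source(log_text)
    return sorted(ip for ip, n in by_ip.items() if n >= threshold)


def root_password_logins(log_text):
    """Source IPs that logged in as root with a password; with key-only root
    maintenance (PermitRootLogin prohibit-password) this list should be empty."""
    hits = []
    for line in log_text.splitlines():
        m = ACCEPTED_RE.search(line)
        if m and m.group("user") == "root" and m.group("method") == "password":
            hits.append(m.group("ip"))
    return hits


# Constructed authorized_keys content; the base64 fields are placeholders.
SAMPLE_AUTHORIZED_KEYS = """\
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY1 derek@workstation
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY2 joe@hostingcompany
# keys for the hosting company's on-call staff
no-pty,command="/usr/local/bin/backup" ssh-rsa AAAAB3NzaC1yc2EPLACEHOLDERKEY3 jane@hostingcompany
"""

KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-", "sk-")


def key_comment(line):
    """Return the comment of an authorized_keys entry, or None for blank/comment lines.
    Format is: [options] keytype base64-key [comment]; options may precede the key type."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return None
    fields = stripped.split()
    for i, field in enumerate(fields):
        if field.startswith(KEY_TYPE_PREFIXES) and i + 1 < len(fields):
            return " ".join(fields[i + 2:])
    return None


def revoke_key(authorized_keys_text, comment):
    """Drop every key whose comment equals `comment` (the departed admin's key).
    Returns (new_file_content, number_of_keys_removed)."""
    kept, removed = [], 0
    for line in authorized_keys_text.splitlines():
        if key_comment(line) == comment:
            removed += 1
            continue
        kept.append(line)
    return "\n".join(kept) + "\n", removed


if __name__ == "__main__":
    print("dictionary attack sources:", dictionary_attack_sources(SAMPLE_AUTH_LOG))
    print("root password logins from:", root_password_logins(SAMPLE_AUTH_LOG))
    new_keys, n = revoke_key(SAMPLE_AUTHORIZED_KEYS, "joe@hostingcompany")
    print(f"removed {n} key(s):\n{new_keys}")
```

Matching on the key comment is only as reliable as the comments themselves; on a real system, matching on the base64 key field taken from the person's known public key is the firmer choice, and the same approach applies to the root account's own authorized_keys file, which is where the thread's shared-root-access problem actually lives.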