I am not asking how to do anything here, rather trying to understand best practices and the "right" way to handle server security. To prevent brute force password attacks, I have secured my server in a number of ways, one of which is password-protected SSH keys for login on any user (right now it is a single developer box). Obviously, any time a user needs to log in he will need access to both the key and the password for that key.
However, I am trying to understand how I should handle a system password for that (or any) particular user, specifically when dealing with sudo. A few questions:
- Is there value in giving each user a password at all (so he/she can use sudo)?
- If so, is it overkill to use an insanely secure password for such (i.e. 384 bits+)?
- Assuming the answer above is no:
  - How could any user remember this password every time they need to run a sudo command (yes, LastPass, Dashlane, 1pass, etc. are options, but having to open/authenticate/find and copy that really long password seems like a huge pain in the ass)?
  - What is secure enough for these passwords, and does it matter if dictionary attacks would find the sudo password in 3 seconds anyway?
Thank you ahead of time!
I go the opposite way and use passwordless sudo.
    %sudo ALL=(ALL:ALL) NOPASSWD:ALL
As you point out, make sure your user SSH keys have a passphrase. Also, make sure you disable password authentication to SSH.
If you've done the above, I find this configuration is very functional.
Having a password on sudo isn't just about authentication; it provides an interrupt to authorize requests too.
If you copy and paste in a script that contains

    sudo rm -rf /

passwordless sudo won't help you.

There is also the possibility that a potential user becomes a target for privilege escalation by another user, if a malicious user can somehow become the trusted user who has passwordless sudo access; say the trusted user has an innocuous cron job that executes a script the malicious user has write privileges to, and he changes the script to do something else.
These may not be concerns to you, but note that the password prompt prevents certain attack vectors from becoming a reality.
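
The conditions raised across the two answers can be checked mechanically. The following is an added example, not code from either answer: it flags NOPASSWD rules, SSH password authentication left enabled, and cron-run scripts that someone other than the owner can modify. The sample configuration text and the function names are constructed for illustration.

```python
import os
import re
import stat

# Constructed sample inputs, not taken from a real host.
SUDOERS = "Defaults env_reset\n%sudo ALL=(ALL:ALL) NOPASSWD:ALL\ndeploy ALL=(root) /usr/bin/true\n"
SSHD_CONFIG = "# constructed sample\nPubkeyAuthentication yes\nPasswordAuthentication no\n"

def nopasswd_rules(sudoers_text):
    """Rule lines carrying the NOPASSWD tag (includes and continuations not followed)."""
    lines = (l.strip() for l in sudoers_text.splitlines())
    return [l for l in lines
            if l and not l.startswith(("#", "Defaults")) and re.search(r"\bNOPASSWD\s*:", l)]

def password_auth_enabled(sshd_text):
    """Global PasswordAuthentication setting: the first value wins, the default is yes."""
    for line in sshd_text.splitlines():
        parts = re.split(r"[\s=]+", line.strip(), maxsplit=1)
        if parts[0].lower() == "match":
            break  # Match blocks (per-user or per-host overrides) are out of scope
        if parts[0].lower() == "passwordauthentication" and len(parts) == 2:
            return parts[1].strip().strip('"').lower() != "no"
    return True

def writable_by_non_owner(path):
    """True if group/other can edit the file, or swap it out through its directory."""
    for p in (path, os.path.dirname(os.path.abspath(path))):
        mode = os.stat(p).st_mode
        if stat.S_ISDIR(mode) and mode & stat.S_ISVTX:
            continue  # sticky directory: other users cannot replace entries they do not own
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            return True
    return False

def audit(sudoers_text, sshd_text, cron_scripts):
    """Conditions under which passwordless sudo leaves nothing between a login and root."""
    findings = []
    rules = nopasswd_rules(sudoers_text)
    if rules and password_auth_enabled(sshd_text):
        findings.append("NOPASSWD sudo while SSH still accepts passwords")
    # A modifiable cron script only leads to root when the account has NOPASSWD sudo.
    for script in (cron_scripts if rules else []):
        if writable_by_non_owner(script):
            findings.append(f"cron script writable by another user: {script}")
    return findings

if __name__ == "__main__":
    print(nopasswd_rules(SUDOERS), audit(SUDOERS, SSHD_CONFIG, []))
```

On a real host, feed it the contents of the sudoers files and `sshd_config`; `sshd -T` prints the effective SSH settings, including anything set by includes that this simplified parser does not follow.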