Comment by sam_lowry_

Comment by sam_lowry_ 13 hours ago

2 replies

View on Hacker News

I configure password login for root on on standard port for all servers I personally control. Moreover, they all have the same root password.

Over the 20+ years, I witnessed a few security incidents. None was related to ssh, let alone a break in via a weak password.

But I ran into many situations when I needed immediate access to the server and this setup saved my day, my money and my nerves.

jand 12 hours ago

sry to be that guy (with a snarky comment):

> Over the 20+ years, I witnessed a few security incidents.

As you said, the attackers who breached your system had ssh root access and you had no chance to detect them.

Reply View 1 reply
  • sam_lowry_ 11 hours ago

    Attackers attack for a reason. For targets like my servers, they mostly want to install mining software or a DDoS bot. This is detectable via cpu or network monitoring.

    I assume if someone wanted to extort money from me after encrypting the disks on my servers, I would also be somehow informed.

    Reply View 0 replies