← Back to context

Comment by sam_lowry_

13 hours ago

I configure password login for root on on standard port for all servers I personally control. Moreover, they all have the same root password.

Over the 20+ years, I witnessed a few security incidents. None was related to ssh, let alone a break in via a weak password.

But I ran into many situations when I needed immediate access to the server and this setup saved my day, my money and my nerves.

2 comments

sam_lowry_

Reply
jand  12 hours ago

sry to be that guy (with a snarky comment):

> Over the 20+ years, I witnessed a few security incidents.

As you said, the attackers who breached your system had ssh root access and you had no chance to detect them.

  • sam_lowry_  11 hours ago

    Attackers attack for a reason. For targets like my servers, they mostly want to install mining software or a DDoS bot. This is detectable via cpu or network monitoring.

    I assume if someone wanted to extort money from me after encrypting the disks on my servers, I would also be somehow informed.