this post was submitted on 30 Sep 2024
1 points (100.0% liked)

Self Hosted - Self-hosting your services.

14590 readers
28 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

Important

Cross-posting

If you see a rule-breaker please DM the mods!

founded 4 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
1
PSA: Test Your Server SSH Access (lemmy.ml)
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 

I accidentally attempted to SSH into one of my servers from a device that did not contain my ssh key. I configure all of my servers to only allow authentication via cryptographic keys. Root ssh as well as password auth are disabled.

To my surprise, I was able to log in to my server with a password despite this. Baffled, I first tried some other servers. 2 of the 5 other servers I tried were accessabke via password.

After some swift investigation the culprit was found, a cloud-init ssh config in sshd_config.d/ with one line: password_authentication Yes.

So TLDR PSA....if you run a server in any type of virtualized environment, including a VPS, check your /etc/ssh/sshd_config.d/ folder. And more broadly, actually thoroughly test your ssh access to confirm everything is working as you intend it to.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here