Hacker News new | ask | show | jobs
by dependenttypes 2524 days ago
Are you sure that -C is a good idea? Wouldn't it be possible in theory to exploit something similar to CRIME/BREACH?

> root@your-vps

People allow for root ssh connections?
3 comments
jesterson 2523 days ago
Yes, what's wrong with that?

Security is multi dimensional matter, you can't just rely on rules like "no ssh to root" or "password should be more than 20 characters".

In my case ssh is allowed from 2 IP addresses (much more useful rule then "no ssh to root "btw!) with key auth (passwd auth disabled). Don't see any problem with that.

link
kbody 2524 days ago
Some do, although I too prefer non-root but used it for the simplicity of the example.
link
yjftsjthsd-h 2524 days ago
> People allow for root ssh connections?

Keys should make it secure, and a personal VPS obviates audit requirements, so sure.

link