Re:Re:Re: ... about SSH
The questions brought up are good for just general security practices. We try and setup enough walls and guards and alarms to tell us when someone breaks in. Chances are that in the moment you'll never actually catch the bad actor and stop them in their tracks. So the goal should be that breaking one key doesn't mean breaking all keys. Reduce what they can access when they get in one door. Once you know someone broke in, change all your locks.
Any good cracker is going to enter your world and hide. What we end up detecting is the destruction they cause on their way out. There have been memory attacks, though the OS should shelter an app's memory from other processes. But a good default way to think is to make life difficult to escalate those who get into your system, but once someone is in your house worrying about the locks is the least of your worries.
I've worked places where hardware was lost or stolen, had security keys compromised and even had physical locations breached. You can do all you can but it's an uphill battle. Do whatever you feel gives you enough security and doesn't make your day to day a major pain in the ass.
$ published: 2024-10-09 17:35 $
$ tags: #unix $
-- CC-BY-4.0 jecxjo 2024-10-09
Source