• 37 Posts
  • 3.95K Comments
Joined 2 years ago
cake
Cake day: July 2nd, 2023

help-circle















  • Single user on a single (physical, local) host, best security practices:

    Have root user.

    Have a administrative account that has sudo privs

    Have a daily driver with no excessive privs.

    Set PermitRootLogin no in your ssh config to be extra.

    Only use your administrative account to use sudo, only when you need it.

    This is a bit over extra, but is slightly favorable from a security standpoint, opposed to simply using that admin account as your daily driver, like everyone reading this does.

    Don’t lie. We all do it.


    Root is more powerful only in that the system will not check for its permissions to do anything. Your user with sudo still gets its permission checked, you can just bypass that check. It’s not fundamentally different in an end-result sense.

    The reason I suggest the three user approach above is because your daily driver will make the most noise that interests an attacker (provided you’re keeping your applications and services updated and properly config’d) on your machine. And if that user has no real privileges, womp womp, sucks to suck, hackerman. But if the user has sudo, they basically got root.

    This is also why you don’t run as root.

    As for your firewall? Short answer: yes.