this post was submitted on 03 Feb 2024
10 points (100.0% liked)
Arch Linux
7777 readers
4 users here now
The beloved lightweight distro
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I may be wrong, but if you did ssh as roothen it seems like your ssh configuration leaves a bit to be desired. If you can ssh in as root, you may want disallow that in your ssh configuration... don't remember the setting now, 'AllowRoot no' maybe? Then it also should be that you have your pub key in root's .ssh/authorized_keys, you may want to remove that. Allowing anyone to ssh in as root is probably not a good idea. For example 'root' is a very common username used in bruteforce attacks on exposed ssh ports, so locking down any possibility to get in as root directly is probably a good idea.
Thanks for the pointer, but no, I'm not SSHing as root. And
PermitRootLogin no
is configured, so all good there.Turns out I start the entire sequence as
become
, so I had to learn about changing users withansible-become
variablesStill have a few bugs to work out, but thanks for getting me on track