Hi all,
I’m curious to understand how you all connect to your servers - hopefully, it’s at the very least using SSH and at the better end of the spectrum, using a key and passphrase combination. For those who are curious to understand why we need a key and passphrase, it’s because without it, your SSH session is still subject to brute force. In addition, you should NEVER allow root to log in directly - either at the console physically (if you have a physical server within your reach), or via SSH session.
In this case, you should be using a normal account to gain access via SSH, then elevating your session using `su -` or `su root`.
Permitting login as root directly is simply asking for trouble, and will effectively negate your security completely by allowing a complete stranger to brute-force and then assume control of your server. You should also use a firewall to permit access to SSH via specified and approved IP addresses.
This is Security 101 and an industry standard.
Now it’s confession time on your part… 😄
The other part of the bargain would be which SSH client you should use. There’s the go-to PuTTY for Windows, or even the command line (which has been greatly simplified in Windows 10/11). However, one I recently started using which is 100% free and extremely powerful is Bitvise:
https://www.bitvise.com/
Seriously, if you haven’t already got this application in your toolkit, then it’s time to add it.
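
A check for the server-side settings recommended above (no direct root login, keys rather than passwords), as an added example that is not part of the original post: it reads an `sshd_config` and reports each setting that differs. The sample config is constructed, the defaults are upstream OpenSSH's, and `Include` files and `Match` blocks are assumed out of scope and not evaluated.

```python
# Upstream OpenSSH defaults, used when a keyword is absent.
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
}
# Values the post's advice implies: no direct root login, keys instead of passwords.
REQUIRED = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "pubkeyauthentication": "yes",
}

# Constructed sample config, not taken from a real server.
SAMPLE_CONFIG = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
# This later line has no effect: sshd keeps the first value it reads.
PermitRootLogin no
Match Address 203.0.113.0/24
    PasswordAuthentication no
"""


def effective_global_settings(config_text):
    """Return the global value of each keyword, first occurrence winning."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        fields = line.replace("=", " ", 1).split()
        if not fields:
            continue
        keyword, args = fields[0].lower(), fields[1:]
        if keyword == "match":
            break  # everything below is a conditional override, not global
        if args:
            seen.setdefault(keyword, args[0].lower())
    return {**DEFAULTS, **seen}


def audit(config_text):
    """List (keyword, actual_value) for each setting that differs from REQUIRED."""
    effective = effective_global_settings(config_text)
    return [(k, effective[k]) for k, want in REQUIRED.items() if effective[k] != want]


if __name__ == "__main__":
    for keyword, value in audit(SAMPLE_CONFIG):
        print(f"{keyword} is {value!r}, expected {REQUIRED[keyword]!r}")
```

On a live host, `sshd -T` prints the configuration sshd actually resolved, including `Include` files.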