Posts Tagged ‘security’
su without password
By chys on November 28th, 2008
Google returns a lot of meaningful results for “sudo without password” and “ssh without password.” I don’t know why googling “su without password” gives no useful info.
To allow a user to become root with su without entering the password, edit /etc/pam.d/su.
For example, in Gentoo (should be the same or similar in other distros) uncommenting the following line allows users in group wheel to su without password:
auth sufficient pam_wheel.so use_uid trust
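With that line active, every member of the group is root-equivalent, so it is worth auditing. The following check is an added example, not code from the original post: it reports whether a PAM su file has an active pam_wheel.so trust line and which accounts it covers. The function names and sample files are constructed for illustration, and it assumes pam_wheel's default group name "wheel" when no group= option is given.

```shell
#!/usr/bin/env bash
# Added example: audit a PAM su file for passwordless su via pam_wheel "trust".
# Limits: only the plain "sufficient" control keyword is recognised, and the
# pam_wheel "deny" option is not interpreted.

# Print the trusted group name; return 1 if no active trust line exists.
trusted_su_group() {
    awk '
        /^[ \t]*#/ || NF < 3 { next }            # skip comments and short lines
        {
            type = $1; sub(/^-/, "", type)        # "-auth" is still an auth line
            if (type != "auth" || $2 != "sufficient") next
            n = split($3, p, "/")                 # module may be given as a path
            if (p[n] != "pam_wheel.so") next
            trust = 0; grp = "wheel"              # assumed default group
            for (i = 4; i <= NF; i++) {
                if ($i == "trust") trust = 1
                else if ($i ~ /^group=/) grp = substr($i, 7)
            }
            if (trust) { print grp; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# List supplementary members of a group from a group(5)-format file.
# Accounts whose primary GID is the group are not listed there.
group_members() {
    awk -F: -v g="$1" '$1 == g { gsub(/,/, " ", $4); print $4 }' "$2"
}

audit_su() {
    local pam_file=${1:-/etc/pam.d/su} group_file=${2:-/etc/group} grp
    if grp=$(trusted_su_group "$pam_file"); then
        echo "passwordless su: group=$grp members=$(group_members "$grp" "$group_file")"
    else
        echo "passwordless su: disabled"
    fi
}

# Constructed sample input (not taken from a real host).
sample_dir=$(mktemp -d)
printf '%s\n' '#auth sufficient pam_wheel.so use_uid trust' \
    'auth sufficient pam_rootok.so' \
    'auth sufficient pam_wheel.so use_uid trust' > "$sample_dir/su"
printf '%s\n' 'root:x:0:root' 'wheel:x:10:root,alice' > "$sample_dir/group"
audit_su "$sample_dir/su" "$sample_dir/group"
```

Calling audit_su with no arguments checks /etc/pam.d/su against /etc/group on the local machine.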
Always start denyhosts with sshd
By chys on October 24th, 2008
Denyhosts is a small tool that frequently checks SSH daemon logs for incoming requests and puts suspicious IPs into /etc/hosts.deny.
For some reason, denyhosts was not running in recent days on my machine. (It should be automatically started at boot time, but was not.) Today I restarted it, and 7 IPs were immediately banned. They are from all around the world: 1 from the US, 1 from Germany, 1 from Turkey, 1 from Armenia, and the remaining 3 from China (respectively Xiamen University, Tianjin Netcom, and Qingdao Guangdian).
I then checked /var/log/messages, and found 5236 attacks in the last 5 days.
Yes, hackers all around the world are doing all kinds of brute-force attacks. Last summer, I found someone was using my anonymous proxy at port 3128, which had been open for just a few hours, to send hundreds of spam messages.

