Alcatros552 on Hacker News

Possible Backdooring /etc/SSH/sshd_config.d/50-cloud-init.conf

It appears that Ubuntu is automatically generating a file in that directory, potentially creating a backdoor option for users who choose common default credentials, such as 'admin/admin.' This could inadvertently undermine attempts to enforce private key authentication by setting 'PasswordAuthentication no' in the main '/etc/ssh/sshd_config' file, as there might be an override active in that subdirectory /etc/ssh/sshd_config.d/ without the user's awareness. Please let me know if you encounter the same files and check your systems, I've got the suspicion that this is not a one time occurrence!

4Alcatros5521y ago0

Alcatros552

Recent submissions

Major authentication providers still doesn't support TLS 1.3 (opens in new tab)

Anyone Having Difficulties with GCP GPU Quota Requests? (opens in new tab)

Possible Backdooring /etc/SSH/sshd_config.d/50-cloud-init.conf

Ask HN: What coding guide do you give your Devs?

Recent submissions

Major authentication providers still doesn't support TLS 1.3 (opens in new tab)

Anyone Having Difficulties with GCP GPU Quota Requests? (opens in new tab)

Possible Backdooring /etc/SSH/sshd_config.d/50-cloud-init.conf

Ask HN: What coding guide do you give your Devs?