@johnhooks said:

@scottalanmiller said:

@johnhooks said:

I'm also quite late, but would it be appropriate to keep passwords in files with root permissions and have the script read it? Or is that just as insecure?

At some point, passwords need to exist. In most cases, you want to use keys, though. Where do you need passwords?

I was just asking if that would be a solution to the original problem while still being secure since he couldn't use keys.

Oh, in that case, they aren't concerned about security or they'd have keys. So being really secure isn't on their radar 🙂

@thecreativeone91 said:

@scottalanmiller said:

Yes, Pertino can go directly on the "new" installs of UEB. Not if you have an old CentOS 5 one. You can always reinstall now.

I guess the new beta's are likely CentOS 7?

Pretty sure it's CentOS6

Now from the server that you just connected to you can do something like this...

Thanks, and welcome to MangoLassi!

@scottalanmiller said:

@thanksajdotcom said:

Unrelated question but how do you indent all your code lines four spaces manually or how do you do it automatically?

If it is one line, like that one there, I just hit the space bar four times. When it is a large code block, I copy into Notepad++, Ctrl-A, Tab, and copy into here.
...
I figured you must

It's always best practice to disable root login over SSH, especially from the Internet; use su or sudo for root access. Another good practice is to disable password-based authentication; only use keys with a passphrase. The setup you're doing here is useful for allowing scripted/automated connections between machines (e.g. for backups, scheduled tasks, etc) but they should be accounts with limited access, not root. You should be creating layers that make it difficult for someone to gain access to your systems; root keys with no passphrase means you're solely relying on that one strong password (which is one keylogger away from being defeated.)

Also, when I update to 14.10, $4!+ goes haywire...

@thecreativeone91 said:

There is never such a thing as true security with anything online. Its just logging and more levels to break through. nothing isn't breakable.

Even offline. There is no security. I'll take online security over offline security any day.