Why Do We Change Details For An Already Existing System?
You might be wondering why we change the existing details on an already secure system, such as removing the users and allowing only root, changing an SSH port that has already been changed, updating passwords and following the proper protocol for IP whitelisting. The most common reasons are outlined below:
- Conformity - All of the systems we manage follow a set of rules which we have outlined in our private documentation for all staff to follow. Making one system completely different from the rest would cause headaches and confusion, more note-taking and problems in the future, and would delay our support response time to you.
- Security - You might be thinking "Why remove the users and just use root, isn't that counterintuitive to security?" You are right, but also wrong. Logging in as a user and then using sudo to become root increases delays tenfold and requires many passwords just to log in. Countless issues arise, such as the SFTP browser not loading properly in MobaXterm, extra logins needing to be stored and micromanaged, etc. Security by obscurity through using a username instead of root is absolutely pointless, as you will probably set the username to your own name with a less secure password than root, and add that user to the sudoers file as well!
- Access - Restricting SSH access to those who actually need it is most important here. Changing the credentials removes the security risk that comes from where you obtained them in the first place, such as from a friend who set up the system for you instead of you setting it up yourself. You also need to bear in mind that SSH is a very powerful tool and can easily be used to wipe a system in 5 seconds, so managing who can reach the system using features such as IP whitelisting or VPNs is ideal.
If you have any concerns or questions about what we are modifying, feel free to ask, but we can assure you that we've done this for many years combined and know how a system should be properly managed.