Re: [ANN][DRK] Darkcoin | First Anonymous Coin | Inventor of X11, DGW and Darksend | Instant TX
Another of my stupid questions:
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.
My dear drobek, we were all once newbies at everything, and will always be newbies at somethings. Once you understand something, you can often profit by going against the stream, but in an area where you are a newbie, statements like this are dangerous if not foolhardy: "Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw. "
Your cold wallet may be safe, but if your machine is compromised you may be subject to all sorts of future grief... not to mention the possible eventual loss of any funds/information that pass through or are produced by it. IMHO.
Thank you for your reply strix. While the statement indeed sounds naive I still wonder how anyone can guess/force a decent password. Have talked to a few people who were hacked and almost all of them had either simple pw or pw they reused on multiple occasions. At this point I think that a combo of decent PW and frequent apt-get update/upgrade may be adequate for cold wallet set up but still preferred to get a second opinion to running everything as a root.
I'm a sys/net admin with 15+ years of experience and I can tell you that the biggest threat is YOURSELF! Just make a typo as root and kiss your system goodbye! Happened to me twice, I have learned the hard way... You don't have to
Some examples (do not try this on your masternode):
rm -rf .*
mv / /dev/null
find -type f -mtime +30 -exec mv {} /dev/null \;
whatever > /dev/sda
Play it safe, log in as a regular user and use sudo!
While I agree that logging in as a user is somewhat safer in general than logging in as root but I don't think this is the reason.
The ENTER is the key here. If you hit the ENTER without double (or triple) checking the whole line, you can just as easily end up with a devastating mistake whether you are logged in as root or as a user who is using sudo. These commands you listed as examples have the exact same effect when issued with sudo and you can just as easily make typos in lines starting sudo as you would without sudo but logged in as root. Sudo doesn't save you from typos and similar accidents when you think you are about to issue a command with root privileges anyway. When you think you need superuser rights you will automatically start the line with sudo and everything after that can still be a mistake (and have the same effect as issuing the same command as the real root).
So, I personally use an account without superuser rights (can't even use sudo) and I log in as root (in a different terminal) when I want to do something which requires root privileges (but I log out when I am done).