Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
Rrooom2014-08-27 12:16:48
linux
Rrooom, 2014-08-27 12:16:48

Are there open source "bookmarks" for Linux servers?

For example, on a server (rented) all ports are closed, except for 80, 443 and a random one under ssh with key authorization. Suppose a colleague accidentally demolishes my key while he goes on vacation.
Is there something ready-made that can work in daemon mode from root, and at the same time disguise itself as something harmless to put and forget. And in the case of such an accident as above, would it be possible to get root access?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
R
RPG, 2014-08-27
@RPG

If you have physical access to the server, you can get root without any problems: habrahabr.ru/post/104536

Report
B
Boris Syomov, 2014-08-27
@kotomyava

For the situation described above, no software is needed - ipkvm, log in, put the key back in place ...
And to disguise, etc. then the example is correct. However, it is unlikely that someone here will tell you where to get rootkits and how to use them.

Report
S
Sergey Petrikov, 2014-08-27
@RicoX

Yes, it’s full of the standard set of software - forwarding control through nc , but I consider it at least unethical to advise various rootkits here, as in the case of a colleague who left, disguise is not needed.

Report
V
Vlad Zhivotnev, 2014-08-29
@inkvizitor68sl

Well. In general, in this case, it makes sense to store a copy of the key in .ssh/authorized_keys2.
https://debian.pro/1278 but in general here I wrote how to run something via http on the server "in the console" without apache+cgi. Just do not forget to remove this thing for authorization. What will be inside the script is up to you. You can change the root password from there to one known only to you.

Report
S
Sergey, 2015-03-04
@butteff

If we take the situation described in the question. then each hoster has a support where they can easily recover the password and a web panel where the keys can be loaded manually. If the goals are different, then you need to look for some rootkits, I don’t think that they are openly on some github. It is necessary to climb into specialized communities.

Similar questions
A
Alexander2017-06-23 20:13:44
Accepting cookies. Why is it returning an array? 2Reply
E
elementalist2021-06-02 17:15:04
2 subnets on Mikrotik - LAN and video surveillance. How to get access from LAN to the DVR? 3Reply
S
Spheniscus2019-02-12 13:09:51
How in wxpython under Linux, at the listctrl element, to change the default padding from vertical to horizontal as in normal OS? 0Reply
S
Sergey Vyvolokin2020-11-13 19:19:31
Rights to the directory and user group? 1Reply
K
ksvdon2016-09-13 13:40:56
CentOS7, video (youtube, etc.) heavily loads the processor, how to reconfigure what would be done by the video card? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question