Home

Setting up incredibly insecure SSH on Debian

Posted 2018-12-18

Sometimes it’s useful to have incredibly insecure SSH on a machine, such that it allows logging in as root without a password. It’s pretty self explanatory that you shouldn’t enable this on a box connected to an unsecured network, but just to be clear;

DON'T DO THIS

Now that we’ve got that out of the way, let’s get onto configuring this thing!

It’s pretty straightforward to get this set up;

  1. Remove root’s password.

    passwd -d root
  2. Enable both root login and logging in without a password.

    Edit /etc/ssh/sshd_config and change these options;

    PermitRootLogin yes
    PermitEmptyPasswords yes
  3. The special sauce: Mark ssh as a “secure TTY”.

    Edit /etc/securetty and add ssh to the end;

    ssh

    This step is the not-so-obvious one, and the reason I wrote this post in the first place!

  4. You’re done! You can now SSH into your box as root without a password;

    $ ssh root@example.com
    $ id
    uid=0(root) gid=0(root) groups=0(root)

Source: Super User