Is SSH remote execution more secure as local non-root?

ssh security unix root

Is there a security benefit running a command remotely via ssh as a local non-root user? In other words, is this actually more dangerous compared to executing the ssh command as non-root:

root@local:~# ssh user@remote "compromised_executable"

I'm assuming the local system isn't compromised and ssh doesn't have any security issues.


No, SSH does not add any benefit. It only ensures that the connection to the remote machine is encrypted, nothing more.

The non-root account should of course not have any sudo-permissions whether it is local or remote doesn't matter.

If you want added security, then execute the binary in a chroot environment or a container, or a VM you can throw away afterwards.

Related

Nginx with only TLS1.3 cipher suites
rc.local not being run on Fedora 23
Recover/Recreate completely missing Mailbox Database
SSH with a Bastion Host - stdio forwarding failed
How to bring K3s server & pods up again after k3s-killall.sh
Can't connect to specific IP address and/or TCP port - can the ISP be blocking it?
Kanji characters from WebClient html different from actual Kanji in website
Setting print size of a jLabel and put a jRadiobutton on the print
Execute (sub)commands in secondary shell/command on SSH server in Python Paramiko
Callback to python function from Tkinter Tcl crashes in windows
How do I shuffle and deal cards one at a time to players?
Problem in redirecting programmatically to a route in react router v6