Contabo Security Defaults Encourage Using SSH Passwords

Posted4 months agoActive4 months ago

ddxv

10 points

9 comments

jamesoclaire.comTechstory

skepticalnegative

Debate

60/100

SSH SecurityContaboVps Hosting

Key topics

SSH Security

Contabo

Vps Hosting

The article criticizes Contabo's default SSH configuration for encouraging insecure password-based authentication, sparking discussion about security best practices and the trade-offs between convenience and security.

Snapshot generated from the HN discussion

Discussion Activity

Light discussion

First comment

N/A

Peak period

0-3h

Avg / period

1.5

Key moments

01Story posted
Sep 11, 2025 at 8:30 PM EDT
4 months ago
Step 01
02First comment
Sep 11, 2025 at 8:30 PM EDT
0s after posting
Step 02
03Peak activity
4 comments in 0-3h
Hottest window of the conversation
Step 03
04Latest activity
Sep 13, 2025 at 10:24 AM EDT
4 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (9 comments)

Showing 9 comments

PaulKeeble

4 months ago

1 reply

When I used Contabo I had to harden this aspect immediately. Stopped root logins and passwords and made a separate user with a key. Its a really bad default setup from a security point of view.

I had issues with performance as well. I could never explain why I couldn't utilise the bandwidth fully it would only work in very short bursts and very quickly was throttling the connection. The problem is the workload I had I needed that peak bandwidth once every 2 weeks for a day and then it would mostly be idle and all of the usage was outside of peak but still the bandwidth got throttled consistently and I moved to netcup.

ddxvAuthor

4 months ago

Yeah, I saw they have the typical note that they reserve the right to throttle any CPU/traffic as needed. But I guess if they don't have sophisticated rules for throttling they have both edge cases like yours where they are overly strict and still other loopholes that can be abused.

sam_lowry_

4 months ago

1 reply

Fear of passwords is some kind of cargo cult nowadays.

Irrational and exploited by vested interests.

ddxvAuthor

4 months ago

2 replies

Hmm, I don't know if I agree, but I'm open to hearing more. The public/private keys (which means you can copy past them in chats/emails) is pretty useful.

Also, what do you mean by 'exploited by vested interests'? You think keys are pushed by some organization exploiting them?

ASalazarMX

4 months ago

1 reply

> The public/private keys (which means you can copy past them in chats/emails)

God please don't do that to private keys, you might as well just copy a password and save some work.

ddxvAuthor

4 months ago

No, of course not. The reference to pasting a public key into an email is in reference to Contabo asking that we copy paste our ip/username/password over email for them to 'troubleshoot'. If the server had been setup with public keys and they really needed our help to access at least they could have just sent their own public key safely over email.

TheNewsIsHere

4 months ago

I wonder if they’re conflating the push for FIDO2 credentials as Passkeys with the general problems of using passwords.

Passwords are perfectly fine in theory. It’s when you put humans in the loop that they become a headache.

ddxvAuthor

4 months ago

My recent thoughts when trying Contabo for the first time.

hobobaggins

4 months ago

Too bad Userify is too expensive for a lot of VPS-style projects (free for less than five instances, but we blow through that pretty fast most of the time)

View full discussion on Hacker News

ID: 45217496Type: storyLast synced: 11/20/2025, 7:40:50 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN