Re: cant block root login
From: Scott Howard (scott_at_doc.net.au)
Date: Fri, 13 Aug 2004 23:37:12 +1000 To: Laurence Moughan <Laurence.Moughan@aerlingus.com>
On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
> I have a pile of solaris 8 machines @ 117000-01
> Hardened and running openssh 3.8.1p1
> with my /etc/default/login
OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
although Solaris 10 does)
> and my sshd_config
> #PermitRootLogin yes
OK, so it's commented out and thus the default will be in effect.
> However i can still ssh in and remotly login directly as root.
So it sounds like the default value for PermitRootLogin is Yes.
> Clues guys ?
Put the following in sshd_config and restart sshd :