Re: cant block root login

From: Scott Howard (scott_at_doc.net.au)
Date: 08/13/04

Next message: Sebastien Berube: "Réf. : [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"

Previous message: Laurence Moughan: "cant block root login"
In reply to: Laurence Moughan: "cant block root login"
Next in thread: Craig Smith: "RE: cant block root login"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 13 Aug 2004 23:37:12 +1000
To: Laurence Moughan <Laurence.Moughan@aerlingus.com>

On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
> I have a pile of solaris 8 machines @ 117000-01
> Hardened and running openssh 3.8.1p1
> with my /etc/default/login
> CONSOLE=/dev/console

OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
although Solaris 10 does)

> and my sshd_config
> #PermitRootLogin yes

OK, so it's commented out and thus the default will be in effect.

> However i can still ssh in and remotly login directly as root.

So it sounds like the default value for PermitRootLogin is Yes.

> Clues guys ?

Put the following in sshd_config and restart sshd :
PermitRootLogin No

Scott

Next message: Sebastien Berube: "Réf. : [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"

Previous message: Laurence Moughan: "cant block root login"
In reply to: Laurence Moughan: "cant block root login"
Next in thread: Craig Smith: "RE: cant block root login"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]