Re: cant block root login

From: Scott Howard (scott_at_doc.net.au)
Date: 08/13/04

  • Next message: Sebastien Berube: "Réf. : [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"
    Date: Fri, 13 Aug 2004 23:37:12 +1000
    To: Laurence Moughan <Laurence.Moughan@aerlingus.com>
    
    

    On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
    > I have a pile of solaris 8 machines @ 117000-01
    > Hardened and running openssh 3.8.1p1
    > with my /etc/default/login
    > CONSOLE=/dev/console

    OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
    although Solaris 10 does)

    > and my sshd_config
    > #PermitRootLogin yes

    OK, so it's commented out and thus the default will be in effect.

    > However i can still ssh in and remotly login directly as root.

    So it sounds like the default value for PermitRootLogin is Yes.

    > Clues guys ?

    Put the following in sshd_config and restart sshd :
    PermitRootLogin No

      Scott


  • Next message: Sebastien Berube: "Réf. : [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"