RE: cant block root login

From: Craig Smith (Craig.Smith_at_reuters.com)
Date: 08/13/04

Next message: Michele Chubirka: "RE: cant block root login"

Previous message: Robert Escue: "Re: [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"
Maybe in reply to: Laurence Moughan: "cant block root login"
Next in thread: Michele Chubirka: "RE: cant block root login"
Reply: Michele Chubirka: "RE: cant block root login"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 13 Aug 2004 14:57:59 +0100
To: focus-sun@securityfocus.com

Hi,

OpenSSH will read /etc/default/login if 'UseLogin' is set to 'yes' in
sshd_config.

If a line is commented out it indicates this is the default behaviour,
so you will need to uncomment and change PermitRootLogin to 'No' and
then either restart sshd, or send a kill -1 to the sshd process (make
sure you get the right process id....)

Regards,

Craig.

-----Original Message-----
From: Scott Howard [mailto:scott@sageau.virtual-server.net] On Behalf Of
Scott Howard
Sent: 13 August 2004 14:37
To: Laurence Moughan
Cc: focus-sun@securityfocus.com
Subject: Re: cant block root login

On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
> I have a pile of solaris 8 machines @ 117000-01
> Hardened and running openssh 3.8.1p1
> with my /etc/default/login
> CONSOLE=/dev/console

OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
although Solaris 10 does)

> and my sshd_config
> #PermitRootLogin yes

OK, so it's commented out and thus the default will be in effect.

> However i can still ssh in and remotly login directly as root.

So it sounds like the default value for PermitRootLogin is Yes.

> Clues guys ?

Put the following in sshd_config and restart sshd : PermitRootLogin No

Scott

--------------------------------------------------------------- -
Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.

Next message: Michele Chubirka: "RE: cant block root login"

Previous message: Robert Escue: "Re: [ID 800047 auth.crit] fatal: monitor_read: unsupported request: 24"
Maybe in reply to: Laurence Moughan: "cant block root login"
Next in thread: Michele Chubirka: "RE: cant block root login"
Reply: Michele Chubirka: "RE: cant block root login"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Putty for SSH access
... If you are sure you want to allow direct SSH as root, edit your ... Add or uncomment a line that says "PermitRootLogin ... ....and restart sshd! ...
(comp.os.linux.networking)
RE: cant block root login
... issues) with SSHD if you can avoid it. ... so you will need to uncomment and change PermitRootLogin to 'No' and ... Get closer to the financial markets with Reuters Messaging - for more ... sender, except where the sender specifically states them to be ...
(Focus-SUN)