RE: cant block root login

From: Craig Smith (
Date: 08/13/04

  • Next message: Michele Chubirka: "RE: cant block root login"
    Date: Fri, 13 Aug 2004 14:57:59 +0100


    OpenSSH will read /etc/default/login if 'UseLogin' is set to 'yes' in

    If a line is commented out it indicates this is the default behaviour,
    so you will need to uncomment and change PermitRootLogin to 'No' and
    then either restart sshd, or send a kill -1 to the sshd process (make
    sure you get the right process id....)



    -----Original Message-----
    From: Scott Howard [] On Behalf Of
    Scott Howard
    Sent: 13 August 2004 14:37
    To: Laurence Moughan
    Subject: Re: cant block root login

    On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
    > I have a pile of solaris 8 machines @ 117000-01
    > Hardened and running openssh 3.8.1p1
    > with my /etc/default/login
    > CONSOLE=/dev/console

    OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
    although Solaris 10 does)

    > and my sshd_config
    > #PermitRootLogin yes

    OK, so it's commented out and thus the default will be in effect.

    > However i can still ssh in and remotly login directly as root.

    So it sounds like the default value for PermitRootLogin is Yes.

    > Clues guys ?

    Put the following in sshd_config and restart sshd : PermitRootLogin No


    --------------------------------------------------------------- -
            Visit our Internet site at

    Get closer to the financial markets with Reuters Messaging - for more
    information and to register, visit

    Any views expressed in this message are those of the individual
    sender, except where the sender specifically states them to be
    the views of Reuters Ltd.

  • Next message: Michele Chubirka: "RE: cant block root login"