Re: Openssh and permit_root_login
From: Sir Jackery (root_at_jackery.com)
Date: 02/08/05
- Previous message: Joshua Baker-LePain: "Re: Linux distro with ACL support "out of the box"?"
- In reply to: dale_at_edgehp.invalid: "Openssh and permit_root_login"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 8 Feb 2005 10:26:53 -0800
On Mon, 7 Feb 2005 dale@edgehp.invalid wrote:
>
> --
> Well, it's obvious when you see a parameter like "permit_root_login"
> should be set to "no", so that you have to ssh in as an ordinary user
> and then "su -" to get to root. Isn't it?
>
> The other day I began running rkhunter as well as chkrootkit, and it's
> flagging my "permit_root_login = no" as a security advisory. Seemed
> odd, so I started searching around, and found a couple of references
> like this:
> "Sorry, you have to edit the sshd config file (/etc/ssh/sshd_config).
> Change PERMIT_ROOT_LOGIN to NO. Restart sshd and root login is permited."
>
> I also see that there were security advisories against OpenSSH, related
> to the permit_root_login flag. Incidentally, I tried ssh to root, and
> find that it does indeed ask for a password, but it never works. There
> was some mention of information leakaga, and this would certainly be the
> correct way to plug it. So all in all, this doesn't seem to make sense.
> What gives?
>
> Thanks,
> Dale Pontius
>
maybe your scanner is looking for a NO case sensitive, your config file is
case-insensitive. Just a thought...
jackery
- Previous message: Joshua Baker-LePain: "Re: Linux distro with ACL support "out of the box"?"
- In reply to: dale_at_edgehp.invalid: "Openssh and permit_root_login"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
