Re: Question on blocking remote root access via SSH

From: Alan Walker (me@my.net)
Date: 12/14/02


From: "Alan Walker" <me@my.net>
Date: Fri, 13 Dec 2002 20:04:31 -0500

You don't need to permit root login in sshd to gain root access. The safest
method to my attention is to utlize the su - command to shell as user root
at once logged in as any old non-privledged user.

"Nico Kadel-Garcia" <nkadel@bellatlantic.net> wrote in message
news:cWWE9.34582$hi6.2883@nwrddc02.gnilink.net...
>
> "John Yang" <zyang@waveline.com> wrote in message
> news:c137b465.0211261842.6fe4e635@posting.google.com...
> > Hi,
> > I have set up SSH service on my remote linux server. I have discovered
> > that unlike telnet, which I could block remote root access, SSH allows
> > root to login remotely.
> >
> > Does anyone know how to turn off remote root access for SSH on Linux?
> >
> > Many thanks.
> >
> > John
>
> Type "man sshd" and then change "PermitRootLogin" in your sshd_config
file.
> Of course, many of use *WANT* root access so that we can remotely salvage
a
> system whose user partition has gone toes up....
>
>



Relevant Pages

  • Re: port forwarding timeouts
    ... I'm fairly conversant with fundamental concepts of Unix ... as well as SSH JB> If it's truely ... >> frequently require remote root access, ...
    (comp.security.ssh)
  • RE: redhat-list Digest, Vol 23, Issue 9
    ... encrypt password for Kickstart ... I would be careful of using the wheel group to allow ssh logins, as admins typically use this group in sudoers file to grant root access for non-root users; granting the wheel group ssh logins as well as root access is essentially allowing root access over ssh anyway; although an outside attacker would at least have to guess the non-root user's id and password. ...
    (RedHat)
  • RE: is this an intruder?
    ... granting the wheel group ssh logins as well as root access is ...
    (RedHat)
  • Re: Is OpenSSH 3.5p1 secure?
    ... Do not allow root access over ssh. ... Do allow access over ssh for one and only one user. ... NOTHING is perfectly secure. ...
    (comp.security.ssh)
  • Re: Rsync, ssh and using root.
    ... On 10 Dez, Randy Smith wrote: ... > This avoids the problems with SSH and root access but may lead to other ...
    (FreeBSD-Security)