Puzzled by default setting in sshd_conf
Chris
racerx at makeworld.com
Fri Jul 10 20:59:38 UTC 2009
On Fri, 10 Jul 2009 15:53:41 -0500
Chris <racerx at makeworld.com> wrote:
> On Fri, 10 Jul 2009 22:49:40 +0200
> Siggy Brentrup <ubuntu at psycho.i21k.de> wrote:
>
> > On Fri, Jul 10, 2009 at 03:32:30PM -0500, Chris wrote:
> > > On Fri, 10 Jul 2009 22:04:46 +0200
> > > Siggy Brentrup <ubuntu at psycho.i21k.de> wrote:
> >
> > [...]
> >
> > > > I never advertently touched sshd_conf.
> > > >
> > > > On my other (Debian lenny) boxes 'PermitRootLogin no' is set.
> >
> > > edit /etc/rkhunter.conf:
> > >
> > > Replace the follwoing line -
> > > ALLOW_SSH_ROOT_USER=no
> > >
> > > with -
> > > ALLOW_PermitRootLogin=no
> > >
> > > Worked for me...
> >
> > Looks like you're not too much concerned about security :)
> >
> > I did it the other way round 'PermitRootLogin no' in sshd_conf.
> > This wasn't the question: I consider Ubuntu's default wrong, ymmv.
> >
> > Thanks
> > Siggy
> >
> > ps: fixed typo in Subject:
>
> My sshd conf file:
>
> # Authentication:
> LoginGraceTime 120
> PermitRootLogin no
> StrictModes yes
>
>
Actually, if I comment out ALLOW_SSH_ROOT_USER=no
then rerun rk - here's what the log produces:
[15:54:23] Checking for SSH configuration file [ Found ]
[15:54:23] Info: Found SSH configuration file: /etc/ssh/sshd_config
[15:54:24] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[15:54:24] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
[15:54:25] Checking if SSH root access is allowed [ Not allowed ]
[15:54:25] Checking if SSH protocol v1 is allowed [ Not allowed ]
--
Best regards,
Chris
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
"There's no place like 127.0.0.1"
More information about the ubuntu-users
mailing list