Just an FYI, you do NOT want to use /etc/default/login (due to many security
issues) with SSHD if you can avoid it (unless you need the BSM audit trail).
-----Original Message-----
From: Craig Smith [mailto:Craig.Smith (at) reuters (dot) com [email concealed]]
Sent: Friday, August 13, 2004 9:58 AM
To: focus-sun (at) securityfocus (dot) com [email concealed]
Subject: RE: cant block root login
Hi,
OpenSSH will read /etc/default/login if 'UseLogin' is set to 'yes' in
sshd_config.
If a line is commented out it indicates this is the default behaviour,
so you will need to uncomment and change PermitRootLogin to 'No' and
then either restart sshd, or send a kill -1 to the sshd process (make
sure you get the right process id....)
Regards,
Craig.
-----Original Message-----
From: Scott Howard [mailto:scott (at) sageau.virtual-server (dot) net [email concealed]] On Behalf Of
Scott Howard
Sent: 13 August 2004 14:37
To: Laurence Moughan
Cc: focus-sun (at) securityfocus (dot) com [email concealed]
Subject: Re: cant block root login
On Tue, Aug 10, 2004 at 11:25:52AM +0100, Laurence Moughan wrote:
> I have a pile of solaris 8 machines @ 117000-01
> Hardened and running openssh 3.8.1p1
> with my /etc/default/login
> CONSOLE=/dev/console
OpenSSH doesn't read /etc/default/login (nor does Solaris 9 SSH,
although Solaris 10 does)
> and my sshd_config
> #PermitRootLogin yes
OK, so it's commented out and thus the default will be in effect.
> However I can still ssh in and remotely login directly as root.
So it sounds like the default value for PermitRootLogin is Yes.
> Clues guys ?
Put the following in sshd_config and restart sshd:
PermitRootLogin No
Scott
--------------------------------------------------------------- -
Visit our Internet site at http://www.reuters.com
Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging
Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.
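
The point made in the thread, that a commented-out directive leaves the compiled-in default in force, can be checked with a small script. This is an added example, not part of any poster's message. The function names `effective_setting` and `audit_root_login` are hypothetical, the sample config is constructed, and the PermitRootLogin default of "yes" is the one the thread concluded for that build.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes the compiled-in default for
# PermitRootLogin is "yes", as the thread concluded, and a config with no
# Include files.

# Print the value sshd would use for keyword $2 in file $1, or default $3.
# A commented-out line sets nothing; keywords are case-insensitive and the
# first uncommented occurrence wins. Values are lower-cased for comparison.
effective_setting() {
    awk -v want="$2" -v dflt="$3" '
        BEGIN { want = tolower(want) }
        /^[ \t]*(#|$)/ { next }                  # comment or blank line
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)
            if (tolower(f[1]) == "match") exit   # global section only
            if (tolower(f[1]) == want && n >= 2) { val = f[2]; found = 1; exit }
        }
        END { print (found ? tolower(val) : dflt) }
    ' "$1"
}

# Return 0 only if direct root login is refused and UseLogin is off (the
# case in which /etc/default/login comes into play).
audit_root_login() {
    rc=0
    prl=$(effective_setting "$1" PermitRootLogin yes)
    ul=$(effective_setting "$1" UseLogin no)
    [ "$prl" = "no" ] || { echo "FAIL: PermitRootLogin is effectively '$prl'"; rc=1; }
    [ "$ul" = "no" ] || { echo "FAIL: UseLogin is effectively '$ul'"; rc=1; }
    return "$rc"
}

# Constructed sample mirroring the thread: the directive is only a comment.
demo=$(mktemp) || exit 1
printf '%s\n' '#PermitRootLogin yes' '#UseLogin no' > "$demo"
audit_root_login "$demo" || echo "root login not blocked in $demo"
# The fix from the thread: an explicit, uncommented setting.
printf '%s\n' 'PermitRootLogin no' >> "$demo"
audit_root_login "$demo" && echo "root login blocked"
rm -f "$demo"
```

After editing the real file, `sshd -t` checks that the daemon accepts it before the restart or HUP.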