able to login as root via ssh :-(
Todd Zullinger
tmz at pobox.com
Tue Aug 8 00:58:10 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Don Russell wrote:
> FC5
> openssh-4.3p2-4
>
> I was surprised to find that I can log in as root via ssh from my
> Windows machine to my FC5 box.
Why? Just curious what made you believe it was disabled by default.
> I've always used ssh to log in as a user then 'su -' ....
>
> I don't see anything in /etc/ssh/sshd_config to prevent that, or
> enable it for that matter?
Line 39 in the default /etc/ssh/sshd_config:
#PermitRootLogin yes
The comments at the top indicate that commented values should
represent the defaults.
> What do I need to change so root can't be logged in via ssh? Or is
> it letting me because it recognizes a key?
Uncomment the above line and change yes to no.
You might also want to disable password based authentication and only
allow a few explicit users. See PasswordAuthentication and AllowUsers
in the sshd_config(5) man page.
- --
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
A good scapegoat is almost as good as a solution.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQFDBAEBAgAtBQJE1+GhJhhodHRwOi8vd3d3LnBvYm94LmNvbS9+dG16L3BncC90
bXouYXNjAAoJEEMlk4u+rwzjLMoIALtgqUiyeRysnApuSOZrCZi5kq5cyUdCuXBy
9Py8oNJgKAwywPb7neqgQ9ZE+5of7hz2P2xtqhxyMk1HzwNCcIZTCwz5Z0x/EG66
QXZ5fJtncBzdolMmcVhoJ7YmEueomRi/2BTvYzD9rXw/I/OqSz80ujSM3zaeDHCR
nxZOS/IaF95v+WNoqdCs2ioO5hGai3xkiUCwp+1+qJGbw6rPe/at6oOAzeSMMoG2
ysqLFolOhAnWEJcrH8fIvGi6cenkpXzVSeqyJkWlJtZ540HInCiVwcx2CVtUv4dv
H37dC3OamdTtqlUh2BIg8hhZ08jTX5ZLP0PIN8aatNhLM2THG7Y=
=Fekq
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list