Am Fr, den 18.03.2005 schrieb Manny um 1:46: > Was anyone aware that sshd_config default permits root login??? I That is the default setup OpenSSH ships with all FC releases. > checked my config and found this too be true. i also ran rkhunter and > noticed that ssh was vunerable. I made some changes to my sshd_config SSH vulnerable for what? I guess it claims the OpenSSH version to be vulnerable while it is patched. > and ran rootkit again and all is well. Here's what it looks like now. > Can anyone tell me if this looks right??? > > Protocol 2 > SyslogFacility AUTHPRIV > PermitRootLogin no > AllowUsers kcmanny > PasswordAuthentication yes > ChallengeResponseAuthentication no > GSSAPIAuthentication yes > GSSAPICleanupCredentials yes > UsePAM yes > X11Forwarding yes > Subsystem sftp /usr/libexec/openssh/sftp-server Looks ok. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.770_FC2smp Serendipity 02:34:40 up 1 day, 30 users, load average: 0.46, 0.52, 0.55
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
