Re: able to login as root via ssh :-(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Don Russell wrote:
> FC5
> openssh-4.3p2-4
> 
> I was surprised to find that I can log in as root via ssh from my 
> Windows machine to my FC5 box.

Why?  Just curious what made you believe it was disabled by default.

> I've always used ssh to log in as a user then 'su -' ....
> 
> I don't see anything in /etc/ssh/sshd_config to prevent that, or
> enable it for that matter?

Line 39 in the default /etc/ssh/sshd_config:

#PermitRootLogin yes

The comments at the top indicate that commented values should
represent the defaults.

> What do I need to change so root can't be logged in via ssh? Or is
> it letting me because it recognizes a key?

Uncomment the above line and change yes to no.

You might also want to disable password based authentication and only
allow a few explicit users.  See PasswordAuthentication and AllowUsers
in the sshd_config(5) man page.

- -- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
A good scapegoat is almost as good as a solution.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQFDBAEBAgAtBQJE1+GhJhhodHRwOi8vd3d3LnBvYm94LmNvbS9+dG16L3BncC90
bXouYXNjAAoJEEMlk4u+rwzjLMoIALtgqUiyeRysnApuSOZrCZi5kq5cyUdCuXBy
9Py8oNJgKAwywPb7neqgQ9ZE+5of7hz2P2xtqhxyMk1HzwNCcIZTCwz5Z0x/EG66
QXZ5fJtncBzdolMmcVhoJ7YmEueomRi/2BTvYzD9rXw/I/OqSz80ujSM3zaeDHCR
nxZOS/IaF95v+WNoqdCs2ioO5hGai3xkiUCwp+1+qJGbw6rPe/at6oOAzeSMMoG2
ysqLFolOhAnWEJcrH8fIvGi6cenkpXzVSeqyJkWlJtZ540HInCiVwcx2CVtUv4dv
H37dC3OamdTtqlUh2BIg8hhZ08jTX5ZLP0PIN8aatNhLM2THG7Y=
=Fekq
-----END PGP SIGNATURE-----


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux