On Mon, 2007-08-13 at 19:50 -0400, Michael Klinosky wrote: > Vivek: > >> James: > >> (4) Most distros now ship with disallowing ROOT from directly > >> SSHing into the box. But there are also other safeguards you can do. > >> http://www.openssh.com/ > > > Fedora/RHEL doesn't seem to be among those distros. But thankfully, it > > is part of our server hardening process. > > Are you sure? > > I have F7; in sshd_config is this: > #PermitRootLogin yes > > Iow, this must be un-commented to allow root login. > > Or, am I missing something here? The commented-out items in a pristine sshd_config are the default values. If you check the man page for sshd_config, you'll see: PermitRootLogin Specifies whether root can log in using ssh(1). The argument must be “yes”, “without-password”, “forced-commands-only” or “no”. The default is “yes”. So uncomment the line and make it read PermitRootLogin no Then "service sshd restart" to make it take effect. ---------------------------------------------------------------------- - Rick Stevens, Principal Engineer rstevens@xxxxxxxxxxxx - - CDN Systems, Internap, Inc. http://www.internap.com - - - - To err is human, to forgive, beyond the scope of the OS - ----------------------------------------------------------------------