[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh and root logins

On Tue, 10 Aug 2004 20:52, Dale E Martin <dmartin@cliftonlabs.com> wrote:
> I've noticed a fair number of attempted root logins on my various boxes

Same here.  Also attempted logins to "test", "admin", and some other accounts.

> over the last few weeks.  I don't know if there is a new ssh vulnerability
> (that thus far appears to be ineffective with my config) or if they are
> attempting one of the old ones...

It appears to be just password guessing.

> Anyways, I would like to disable password logins for root on several of my
> boxes but allow root to come in from known IPs and with known ssh keys.  Is
> there a way to disable password logins for root in sshd_config or
> root/.ssh/config, while leaving password logins intact for regular users?

Ideally we would be able to specify a list of acceptable IP addresses for each 
account, both in a central file and in per-user config files.  It would be 
really great if someone would write code to do this!

Of course this wouldn't necessarily cover you against a bug in sshd...

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: