Re: Bypassing allowed_users with PAM in sshd?
Marcus Williams wrote:
> I noticed in logwatch reports today that someone had tried logging in
> as root to one of my servers recently. No surprise there as this
> happens every day. However I have explicitly set up a set of users in
> allowed_users and root isnt one of them (I also have AllowRootLogin
> set to false).
> Anybody got any idea?
Probably you enabled UsePAM together with
ChallengeResponseAuthentication. (see `man sshd_config`)
PAM does not know anything about the AllowUsers/Groups and