Re: blocking ssh Root Logins

To: debian-user@lists.debian.org
Subject: Re: blocking ssh Root Logins
From: robsims@robsims.com (Rob Sims)
Date: Mon, 21 Mar 2005 16:13:56 -0700
Message-id: <[🔎] 20050321231356.GA16793@robsims.com>
In-reply-to: <[🔎] 200503211754.j2LHsu9S012670@dc.cis.okstate.edu>
References: <[🔎] 200503211754.j2LHsu9S012670@dc.cis.okstate.edu>

On Mon, Mar 21, 2005 at 11:54:56AM -0600, Martin McCormick wrote:
> Hal Vaughan and others write:
> >Yes, according to "man sshd_config", you can disable root login by editing 
> >the /etc/ssh/sshd_config file.  If you see "PermitRootLogin Yes" change the 
> >yes to no.  If you don't see it, add the line, but with a "no".  It's 
> >possible the line could be commented out (the default is to permit).
 
> 	I did actually read the man page and remember seeing something
> about that but I probably failed to kill -HUP sshd, maybe thinking
> that it read that file for every new login.  I remember trying it and
> still being able to ssh in as root.

PAM will still allow root logins even if PermitRootLogin No is in the
sshd_config file.  You either need UsePAM No also in the config file, or
configure PAM for ssh to deny root logins.
-- 
Rob

Reply to:

Follow-Ups:
- Re: blocking ssh Root Logins
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>

References:
- Re: blocking ssh Root Logins
  - From: Martin McCormick <martin@dc.cis.okstate.edu>

Prev by Date: Re: alien problem
Next by Date: Re: can not start any sessions from kdm
Previous by thread: Re: blocking ssh Root Logins
Next by thread: Re: blocking ssh Root Logins
Index(es):
- Date
- Thread