Greetings! I am experimenting with SuSE 9.0 professional and have encountered something I don't understand. I have disabled telnet, allowing only ssh for remote logins. Problem is, I can ssh from Windows using putty to the test computer and login remotely as root, even though my /etc/securetty includes only entries for tty1 through tty6. I don't want to allow remote root logins. I did find a reference elsewhere to a similar problem, which was caused by /etc/pam.d/login having its lines for pam_securetty.so and pam_nologin.so commented out. I've checked my /etc/pam.d/login, and the relevant lines read: auth required pam_securetty.so auth required pam_nologin.so I was eventually able to disable remote root logins via ssh by setting "PermitRootLogin" to "no" in /etc/ssh/sshd_config, but I'm still curious why the settings in securetty don't seem to be working. Can anyone point out what I'm missing? Thanks, Michael Watson mwatso@lsuhsc.edu
Hi, * Am 25.11.2003 (08:21) schrieb Watson, Michael:
I was eventually able to disable remote root logins via ssh by setting "PermitRootLogin" to "no" in /etc/ssh/sshd_config, but I'm still curious why the settings in securetty don't seem to be working. Can anyone point out what I'm missing?
Did you restart the ssh daemon? When I reconfigured sshd last time, I needed to restart it, so the new settings got used. I must do this locally. -sa -- sa at programmers-world dot com http://www.livingit.de Boomarks online: http://www.mobile-bookmarks.info Soon available in english Mail geschrieben: Dienstag, den 25. November 2003 um 21:30
participants (2)
-
Sascha Andres
-
Watson, Michael