edit /etc/ssh/sshd_config and change PermitRootLogin no That should fix your problem. On the other hand also run the harden suse script. It should be avilable on Marc's home page http://www.suse.de/~marc On Tue, 24 Apr 2001, Robert Sweet wrote:
How can we ssh into a box when root login is disabled. We have Marc Heuses New Firewall script running on a 7.1 Suse box using 2.4 kernel. Here are the open ports:
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Interesting ports on YaddaYaddaYadda (XXXXXXXXXXX): (The 1516 ports scanned but not shown below are in state: filtered) Port State Service 21/tcp open ftp 22/tcp open ssh 25/tcp closed smtp 53/tcp open domain 80/tcp open http 113/tcp closed auth 123/tcp closed ntp
Here is root logged on my friend's box locally and me logged in as root using ssh. root tty1 Apr 21 11:34 root tty2 Apr 21 11:38 root pts/0 Apr 21 11:35 (My.Box.At.Home) root pts/1 Apr 21 11:54 (My.Box.At.Home)
Here is the output of /etc/securetty on the bad box:
tty1 tty2 tty3 tty4 tty5 tty6 # for devfs: vc/1 vc/2 vc/3 vc/4 vc/5 vc/6
Any help on this one would be appreciated. We have shutdown sshd for now. Thanks -- _ _ __ _____ _____ ___| |_ | '__| / __\ \ /\ / / _ \/ _ \ __| | | _ \__ \\ V V / __/ __/ |_ |_|(_) |___/ \_/\_/ \___|\___|\__| rsweet@socal.rr.com "unix soit qui mal y pense."
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com