Hi all, After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work. How do I do it? Praise
Or use pam listfile to allow/deny users/groups:
http://www.samag.com/documents/s=1161/sam0009a/0009a.htm
Sometimes it's nicer to use listfile instead of each individual server's
built in method.
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
----- Original Message -----
From: "Praise"
Hi all,
After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work.
How do I do it?
Praise
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi Praise, edit /etc/ssh/sshd_config and set: PermitRootLogin No At 11:55 30.01.02 +0100, Praise wrote:
Hi all,
After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work.
How do I do it?
Praise
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
urbia Grüße - best regards Tobias Kremer Webmaster / Software-Entwicklung urbia.com AG Hohe Str.115, 50667 Köln tel: +49 (0)221 - 2949 154 fax: +49 (0)221 - 2949 599 e-mail: tobias.kremer@urbia.com http://www.urbia.de - we are family http://www.urbia.fr - votre espace famille http://www.urbia.co.uk - the family site "Linux is like a wigwam. No gates, no windows but an apache inside"
Hi Praise Just set "PermitRootLogin" to "now" in /etc/ssh/sshd_config and reload sshd. Cheers Patrick -----Ursprüngliche Nachricht----- Von: Praise [mailto:praisetazio@tiscalinet.it] Gesendet: Mittwoch, 30. Januar 2002 11:55 An: suse-security@suse.com Betreff: [suse-security] Root access via ssh?? Hi all, After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work. How do I do it? Praise -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Why don't you login as a normal user and then su to obtain root privileges. This is by far
more secure and avoids any possibility of a mistake in the configuration which might
cause a security hole to exist in your system.
Jim
01/30/02 06:05:06 AM, Marco Nierlich
Patrick Geiser wrote:
Hi Praise
Just set "PermitRootLogin" to "now" in /etc/ssh/sshd_config and reload sshd.
Hi all,
is there a way to allow ssh root login from 192.168.1.0/24 and permit it from anywhere else?
TIA Marco
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
is there a way to allow ssh root login from 192.168.1.0/24 and permit it from anywhere else? see AllowUsers: option in /etc/sshd_config (man sshd) or run two servers on different ports, one of which allows root logins and is firewalled or disable assword authentication and restrict the authorized_keys with the from="*.asdf.qwer.ertz" option to certain only locally resolvable (private) hosts or, well yes nothing to do with 192.etc., dont permit rootlogin and use su
lars
participants (7)
-
James Bliss -
Kurt Seifried -
l.g.e@web.de -
Marco Nierlich -
Patrick Geiser -
Praise -
Tobias Kremer :: IT