
Hi all, After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work. How do I do it? Praise

Or use pam listfile to allow/deny users/groups: http://www.samag.com/documents/s=1161/sam0009a/0009a.htm Sometimes it's nicer to use listfile instead of each individual server's built in method. Kurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ ----- Original Message ----- From: "Praise" <praisetazio@tiscalinet.it> To: <suse-security@suse.com> Sent: Wednesday, January 30, 2002 3:55 AM Subject: [suse-security] Root access via ssh??
Hi all,
After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work.
How do I do it?
Praise
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com

Hi Praise, edit /etc/ssh/sshd_config and set: PermitRootLogin No At 11:55 30.01.02 +0100, Praise wrote:
Hi all,
After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work.
How do I do it?
Praise
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
urbia Grüße - best regards Tobias Kremer Webmaster / Software-Entwicklung urbia.com AG Hohe Str.115, 50667 Köln tel: +49 (0)221 - 2949 154 fax: +49 (0)221 - 2949 599 e-mail: tobias.kremer@urbia.com http://www.urbia.de - we are family http://www.urbia.fr - votre espace famille http://www.urbia.co.uk - the family site "Linux is like a wigwam. No gates, no windows but an apache inside"

Hi Praise Just set "PermitRootLogin" to "now" in /etc/ssh/sshd_config and reload sshd. Cheers Patrick -----Ursprüngliche Nachricht----- Von: Praise [mailto:praisetazio@tiscalinet.it] Gesendet: Mittwoch, 30. Januar 2002 11:55 An: suse-security@suse.com Betreff: [suse-security] Root access via ssh?? Hi all, After a fresh install of Suse 7.1 I have noticed that ssh allows root remote access. I have tried to disable it via pam /etc/security/access.conf but it does not work. How do I do it? Praise -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com

Why don't you login as a normal user and then su to obtain root privileges. This is by far more secure and avoids any possibility of a mistake in the configuration which might cause a security hole to exist in your system. Jim 01/30/02 06:05:06 AM, Marco Nierlich <mani@access.unizh.ch> wrote:
Patrick Geiser wrote:
Hi Praise
Just set "PermitRootLogin" to "now" in /etc/ssh/sshd_config and reload sshd.
Hi all,
is there a way to allow ssh root login from 192.168.1.0/24 and permit it from anywhere else?
TIA Marco
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com

is there a way to allow ssh root login from 192.168.1.0/24 and permit it from anywhere else? see AllowUsers: option in /etc/sshd_config (man sshd) or run two servers on different ports, one of which allows root logins and is firewalled or disable assword authentication and restrict the authorized_keys with the from="*.asdf.qwer.ertz" option to certain only locally resolvable (private) hosts or, well yes nothing to do with 192.etc., dont permit rootlogin and use su
lars
participants (7)
-
James Bliss
-
Kurt Seifried
-
l.g.e@web.de
-
Marco Nierlich
-
Patrick Geiser
-
Praise
-
Tobias Kremer :: IT