Mark Goldstein wrote:

...

On Sunday, 2009-04-19 at 17:25 -0500, David C. Rankin wrote:

...

Linda, Mark hit the nail on the head. Root logins are *not* permitted by default. The sshd_config is simply giving you the wrong impression. The line: #PermitRootLogin yes needs to be uncommented; I suggested so. O:-)

On Mon, Apr 20, 2009 at 3:56 AM, Carlos E. R. <robin.listas@telefonica.net> wrote: - As I wrote, I checked on 2 systems (11.0 and 11.1) that with PermitRootLogin yes commented out I *COULD* log in as root without any problem.

Carlos cited manpage that says default is "yes". I remembered that general approach in SSH configuration file to show default values as commented out options.

So the default is shown in the commented out section (like I said the commenting was the same on systems that worked and didn't work). Some people are also getting the inconsistent/unexplained behavior: ----- David C. Rankin wrote:

Mark Goldstein wrote:

...

So Linda's right, it is something other than PermitRootLogin. I do not use non-interactive login on my systems, so I can't check your scenario (maybe I'll give it a try later).

I'm must be doing something else wrong then. Because with PermitRootLogin yes commented out, PasswordAuthentication yes, ChallengeResponseAuthentication yes, I can not login:

No one ever figured out why some people are seeing this 'root-blocked' behavior while others have no problem. Hmm....So there is still some other setting we are overlooking (or that is "new and improved"(TM-SuckingImprovementsLimited)). I haven't looked at the issue for a while -- got distracted off on other things).... Sigh..was hoping someone would have run into this and would just know the new setting that was 'mucked up' (er, I mean 'improved') and just 'known' the answer in the community...seems like a weird enough inconsistency for someone not to have ran into it and found it -- but maybe most people don't have 'safe', "trusted-internal-net" systems where root passwords are more of a convenient-backup than a safety concern (as they aren't exposed to sniffing). -linda -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org