sshd_config

Alexander Dalloz ad+lists at uni-x.org
Fri Mar 18 01:39:45 UTC 2005


Am Fr, den 18.03.2005 schrieb Manny um 1:46:

> Was anyone aware that sshd_config default permits root login??? I

That is the default setup OpenSSH ships with all FC releases.

> checked my config and found this too be true. i also ran rkhunter and
> noticed that ssh was vunerable. I made some changes to my sshd_config

SSH vulnerable for what? I guess it claims the OpenSSH version to be
vulnerable while it is patched.

> and ran rootkit again and all is well. Here's what it looks like now.
> Can anyone tell me if this looks right???
> 
> Protocol 2
> SyslogFacility AUTHPRIV
> PermitRootLogin no
> AllowUsers      kcmanny
> PasswordAuthentication yes
> ChallengeResponseAuthentication no
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
> UsePAM yes
> X11Forwarding yes
> Subsystem       sftp    /usr/libexec/openssh/sftp-server

Looks ok.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.770_FC2smp 
Serendipity 02:34:40 up 1 day, 30 users, load average: 0.46, 0.52, 0.55 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050318/6d8f9c9b/attachment-0001.sig>


More information about the fedora-list mailing list