Bug#865972: #865972 - same problem of false positive regarding PermitRootLogin parameter

Jean-Marc jean-marc at 6jf.be
Tue Aug 8 16:57:25 UTC 2017

Dear Maintainers,

Another similar problem hits the PermitRootLogin parameter.

The openssh-server in Debian testing / Buster (Version: 1:7.4p1-10+deb9u1) sets prohibit-password as default value for the PermitRootLogin parameter.

If not present in the sshd_config file, rkhunter considers the default value as 'yes' allowing root access using password and will generate a warning.

So, if the default value "prohibit-password" is secure enough, maybe changing this line


can solve this.


Jean-Marc <jean-marc at 6jf.be>
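
The check the report asks for, as an added example that is not part of the original message and is not rkhunter's code: resolve the global PermitRootLogin from an sshd_config file, fall back to the compiled-in default when the option is absent, and warn only on `yes`. The helper names are hypothetical, the default is assumed to be the one reported above for 1:7.4p1-10+deb9u1, and Include directives are not followed.

```shell
#!/bin/sh
# Added example, not rkhunter code.
# Assumption: compiled-in default as reported in the message above.
SSHD_DEFAULT_PERMIT_ROOT_LOGIN="prohibit-password"

# effective_permit_root_login FILE  (hypothetical helper)
# Prints the effective global value of PermitRootLogin.
effective_permit_root_login() {
    awk -v def="$SSHD_DEFAULT_PERMIT_ROOT_LOGIN" '
        { sub(/\r$/, "") }                      # tolerate CRLF files
        /^[ \t]*#/ { next }                     # commented-out option is not a setting
        /^[ \t]*$/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            sub(/[ \t]*=[ \t]*/, " ", line)     # accept the "Keyword=value" form
            split(line, f, /[ \t]+/)
            key = tolower(f[1])                 # keywords are case-insensitive
            if (key == "match") exit            # conditional blocks: review separately
            if (key == "permitrootlogin") {     # first obtained value wins
                val = f[2]
                gsub(/"/, "", val)
                exit
            }
        }
        END {
            if (val == "") val = def            # option absent: use the default
            if (val == "without-password") val = "prohibit-password"  # old alias
            print val
        }
    ' "$1"
}

# Returns 0 (warn) only when root may log in with a password.
root_password_login_enabled() {
    [ "$(effective_permit_root_login "$1")" = "yes" ]
}

# Constructed sample: the option appears only as a comment.
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' 'Port 22' > "$sample"
if root_password_login_enabled "$sample"; then
    echo "Warning: root password login enabled"
else
    echo "OK: PermitRootLogin is $(effective_permit_root_login "$sample")"
fi
rm -f "$sample"
```

On a live host, `sshd -T` prints the configuration the daemon actually resolves, which avoids hard-coding the default.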