Bug#865972: #865972 - same problem of false positive regarding PermitRootLogin parameter
Jean-Marc
jean-marc at 6jf.be
Tue Aug 8 16:57:25 UTC 2017
Dear Maintainers,
Another similar problem hits the PermitRootLogin parameter.
The openssh-server in Debian testing / Buster (Version: 1:7.4p1-10+deb9u1) sets prohibit-password as default value for the PermitRootLogin parameter.
If not present in the sshd_config file, rkhunter considers the default value as 'yes' allowing root access using password and will generate a warning.
So, if the default value "prohibit-password" is secure enough, maybe changing this line
ALLOW_SSH_ROOT_USER=unset
can solve this.
Regards,
Jean-Marc <jean-marc at 6jf.be>
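
Added example, not part of the original message and not rkhunter's own code: a check that resolves the global PermitRootLogin value from an sshd_config file and falls back to the compiled-in default named in the report instead of assuming 'yes'. The function names, the SSHD_DEFAULT_ROOT_LOGIN variable and the sample configuration are assumptions made for illustration.

```shell
#!/bin/sh
# Compiled-in default as stated in the report (openssh-server 1:7.4p1-10+deb9u1).
# Assumption: adjust this for the OpenSSH build actually installed.
SSHD_DEFAULT_ROOT_LOGIN="prohibit-password"

# Print the global PermitRootLogin value from the sshd_config given as $1.
# sshd uses the first value it reads for a keyword, keywords are
# case-insensitive, and the global section ends at the first Match line.
effective_root_login() {
    awk -v def="$SSHD_DEFAULT_ROOT_LOGIN" '
        /^[ \t]*(#|$)/ { next }                            # comments, blank lines
        { sub(/[ \t]*=[ \t]*/, " "); key = tolower($1) }   # accept key=value form
        key == "match" { exit }                            # Match blocks not evaluated
        key == "permitrootlogin" { val = $2; gsub(/"/, "", val); exit }
        END { print (val != "" ? val : def) }              # unset -> compiled default
    ' "$1"
}

# Return 0 when the global setting keeps root from logging in with a password.
# without-password is the deprecated alias of prohibit-password.
root_password_login_blocked() {
    case "$(effective_root_login "$1")" in
        no|prohibit-password|without-password|forced-commands-only) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the option is only present as a comment, so it is unset.
demo_cfg=$(mktemp)
printf '%s\n' '# PermitRootLogin yes' 'Port 22' 'PasswordAuthentication yes' > "$demo_cfg"
if root_password_login_blocked "$demo_cfg"; then
    echo "OK: effective PermitRootLogin=$(effective_root_login "$demo_cfg")"
else
    echo "WARNING: root password login permitted"
fi
rm -f "$demo_cfg"
```

On a live host, `sshd -T` prints the configuration as sshd itself resolves it, which also covers cases this file parser does not, such as Match blocks.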
More information about the forensics-devel
mailing list