-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
rkhunter 1.29 on Debian Etch (v4.0) on a i386 architecture system reports: Unknown PermitRootLogin value found in file /etc/ssh/sshd_config What I have in /etc/ssh/sshd_config is this (hexdump, output rewrapped): *** quote (start) ****************************************************** 00000270 69 6e 47 72 61 63 65 54 69 6d 65 20 36 30 30 0a |inGraceTime 600.| 00000280 50 65 72 6d 69 74 52 6f 6f 74 4c 6f 67 69 6e 20 |PermitRootLogin | 00000290 6e 6f 20 0a 53 74 72 69 63 74 4d 6f 64 65 73 20 |no .StrictModes | *** quote (end) ******************************************************** i.e. nothing unusual. The value of 'no' should be correct, based on what can be found in man 5 sshd_config (output rewrapped): *** quote (start) ****************************************************** $ man 5 sshd_config|grep -A 16 PermitRootLogin Reformatting sshd_config(5), please wait... PermitRootLogin Specifies whether root can log in using ssh(1). The argument must be “yes”, “without-password”, “forced-commands-only” or “no”. The default is “yes”. If this option is set to “without-password” password authentica‐ tion is disabled for root. If this option is set to “forced-commands-only” root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root. If this option is set to “no” root is not allowed to log in. PermitTunnel *** quote (end) ******************************************************** I guess rkhunter must be missing a legitimate value here. Thanks for investigating. Btw, I realize there are loads of bug reports on the mailing list. Wouldn't it be better to use a structured way of reporting? As rkhunter is able to identify the OS and even has IDs for them, one could write an error reporting script just like Debians' reportbug which could feed its reports right into a bugzilla. Wouldn't this be a much more structured and nicer way to manage the many, many user feedbacks? Moritz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGxLKxn6GkvSd/BgwRChuyAKCWQYBstdr8mWluniDxnbU1o4+82wCfbzIi 4qfg3SJF1XC3u9kYxkOUpOU= =p5Wo -----END PGP SIGNATURE----- ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
