LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-01-2006, 11:53 PM   #1
brendanmcdonald
LQ Newbie
 
Registered: Apr 2005
Location: Sydney
Posts: 4

Rep: Reputation: 0
Question Allow remote root logins using SSH


Hi, I'm trying to enable remote root access to my server (I know you don't want to do it but i'll only have it open for a few hours). I can ssh as a user and then sudo to root and this works ok.

What i'm trying to do is login directly as root remotely. I've nulled the /etc/securetty file and changed "PermitRootLogin yes" in the /etc/ssh/ssh_config and sshd_config files.

When i login from my remote box, I see the following:
f004603:/ >ssh root@sydmon14
Read from remote host sydmon14: Connection reset by peer
Connection to sydmon14 closed.

When I check my loginlog, this is what I see.
Mar 2 15:54:29 localhost sshd[9308]: ROOT LOGIN REFUSED FROM 10.12.80.44
Mar 2 15:54:29 localhost sshd[9308]: fatal: monitor_read: unsupported request: 24

Is there anything else I should be doing or somewhere else I can check ???

Thanks
 
Old 03-02-2006, 12:15 AM   #2
Hiel Van Campen
LQ Newbie
 
Registered: Apr 2002
Location: San Diego Ca
Distribution: Gentoo
Posts: 2

Rep: Reputation: 0
Did you restart your sshd to read your changes
 
Old 03-02-2006, 04:06 AM   #3
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
I don't think you needed to 'null' the /etc/securetty file, but if after restarting sshd as Hiel Van Campen suggests it still doesn't work, can you try it again with ssh -v root@sydmon14 and post the output please?
 
Old 03-02-2006, 07:29 AM   #4
david.dales
Member
 
Registered: Aug 2005
Location: Hamburg, Germany
Posts: 39

Rep: Reputation: 15
Like the others said. You have to restart your ssh to read the changes. They are not dynamic.

Also, nulling (I assume you mean emptying the file) is a bad idea. If you want to allow root connections from another system, use the pty entries to control the number of terms allowed for root.

Example: /etc/securetty
pts/0
pts/1
and so on....

Enter as many pts entries as you want to allow terms for root. This will also allow you to telnet as root so you might want to disable the telnet-server in init.d or xinetd.d whichever you have if you haven't already.
 
Old 03-05-2006, 06:03 PM   #5
brendanmcdonald
LQ Newbie
 
Registered: Apr 2005
Location: Sydney
Posts: 4

Original Poster
Rep: Reputation: 0
I knew it was something simple. I restarted the SSHD daemon and all was okay. I've now put my entries back into /etc/securetty all is ok.

Thanks for your help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do you deny root logins with ssh? Thaidog Linux - General 5 03-01-2006 04:36 PM
need some general help with remote logins felixnine Linux - Networking 5 03-01-2006 04:20 PM
Disabling the chroot in proftpd and enabling root logins on ssh/proftpd jon_k Linux - Software 1 06-16-2004 10:27 AM
Dynamic DNS for remote telnet ssh logins? nadsab Linux - Networking 10 03-27-2004 11:53 AM
SSH logins and limiting remote users login rights. redgore Linux - Networking 2 07-16-2002 03:22 AM


All times are GMT -5. The time now is 09:43 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration