LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page rkhunter
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-27-2005, 06:33 PM   #1
atlaika
Member
 
Registered: Oct 2005
Posts: 45

Rep: Reputation: 15
rkhunter

I scanned with rkhunter and it picked up one thing.
Code:
* Check: SSH
   Searching for sshd_config...
   Found /etc/ssh/sshd_config
   Checking for allowed root login... Watch out Root login possible. Possible risk!
    info:
    Hint: See logfile for more information about this issue
   Checking for allowed protocols...                          [ Warning (SSH v1 allowed) ]
Do I need to fix anything and if > how?
 
Old 11-27-2005, 06:50 PM   #2
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 51
to disable root login, edit /etc/ssh/sshd_config and uncomment the line that says "PermitRootLogin" and make it say "PermitRootLogin no"
 
Old 11-27-2005, 07:56 PM   #3
atlaika
Member
 
Registered: Oct 2005
Posts: 45

Original Poster
Rep: Reputation: 15
Done :-)
Thank you very much.

uncomment means that I have to remove the "#" true?
Last edited by atlaika; 11-27-2005 at 09:31 PM.
 
Old 11-27-2005, 08:23 PM   #4
lord-fu
Member
 
Registered: Apr 2005
Location: Ohio
Distribution: Slackware && freeBSD
Posts: 676

Rep: Reputation: 30
Edit file and make sure Protocol 2 is the only allowed protocol as well.
Yes removing # is uncommenting. As well as adding a # comments a line out.
Last edited by lord-fu; 11-27-2005 at 08:24 PM.
 
Old 11-27-2005, 08:45 PM   #5
atlaika
Member
 
Registered: Oct 2005
Posts: 45

Original Poster
Rep: Reputation: 15
Thank you.
Code:
#Port 22
#Protocol 2,1
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
Do you mean edit "#Protocol 2.1" to "Protocol 2.0"?
 
Old 11-27-2005, 08:52 PM   #6
lord-fu
Member
 
Registered: Apr 2005
Location: Ohio
Distribution: Slackware && freeBSD
Posts: 676

Rep: Reputation: 30
Protocol 2
Exactly as above. Make sure to remove # in front though.
 
Old 11-27-2005, 09:06 PM   #7
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 51
Oh yeah also when you're done remember to restart the SSH server with "service sshd restart" or something like that.
 
Old 11-29-2005, 10:47 AM   #8
atlaika
Member
 
Registered: Oct 2005
Posts: 45

Original Poster
Rep: Reputation: 15
Thank you both.
Did as you suggested and changed to Protocol 2.0
Quote:
Originally posted by spooon
Oh yeah also when you're done remember to restart the SSH server with "service sshd restart" or something like that.
It can't find the command "service sshd restart"
I am on -
SuSE 10.0 GM
Do you happen to know what the command to restart would be?

edit

I just ran rkhunter again.
I have installed a couple of things. Unsure if it is new or I missed it the first time.
Code:
- OpenSSL 0.9.7g                                           [ Vulnerable ]
Vulnerable applications: 1
Any suggestions please?

edit
http://forums.scotsnewsletter.com/in...0&#entry167632
http://www.redhat.com/docs/manuals/l...rivileges.html

Is it a false positive?

Last edited by atlaika; 11-29-2005 at 01:08 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter cronjob simcox1 Linux - Security 11 11-21-2005 08:25 AM
rkhunter found the following monroetech Linux - Security 3 12-20-2004 08:51 PM
rkhunter phatbastard Linux - Security 3 12-08-2004 09:44 PM
Getting Warning during rkhunter? BajaNick Linux - Security 8 09-12-2004 08:34 PM
rkhunter or chkrootkit? marlor Linux - Security 2 08-28-2004 08:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:32 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration