Another similar problem hits the PermitRootLogin parameter.

The openssh-server in Debian testing / Buster (Version: 1:7.4p1-10+deb9u1) sets 
prohibit-password as default value for the PermitRootLogin parameter.

If not present in the sshd_config file, rkhunter considers the default value as 
'yes' allowing root access using password and will generate a warning.

So, if the default value "prohibit-password" is secure enough, maybe changing 
this line


can solve this.


Jean-Marc <>
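
Added example, not part of the original message and not rkhunter's code: one way a checker could resolve the effective PermitRootLogin value, falling back to the compiled-in default of the installed OpenSSH version instead of assuming 'yes' when the keyword is absent. It assumes a single sshd_config without Include directives, ignores Match blocks, and uses constructed sample configs; the function names are hypothetical.

```python
import re

# Constructed sample configs (not taken from the report).
SAMPLE_ABSENT = "# PermitRootLogin yes\nPort 22\nPasswordAuthentication yes\n"
SAMPLE_EXPLICIT = "Port 22\nPermitRootLogin=yes\nPermitRootLogin no\n"


def default_permit_root_login(version):
    """Compiled-in default: OpenSSH 7.0 changed it from 'yes' to 'prohibit-password'."""
    m = re.search(r"(\d+)\.(\d+)", version)  # also accepts Debian strings like 1:7.4p1-...
    if m is None:
        raise ValueError(f"cannot parse OpenSSH version: {version!r}")
    return "prohibit-password" if (int(m.group(1)), int(m.group(2))) >= (7, 0) else "yes"


def effective_permit_root_login(config_text, version):
    """Return (value, source) for the global PermitRootLogin setting."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and commented-out settings do not count
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # end of global section; Match overrides are not evaluated here
        if keyword == "permitrootlogin" and len(parts) == 2 and parts[1].split():
            value = parts[1].split()[0].strip('"').lower()
            if value == "without-password":  # deprecated alias
                value = "prohibit-password"
            return value, "sshd_config"  # sshd keeps the first value it reads
    return default_permit_root_login(version), "built-in default"


def root_password_login_allowed(config_text, version):
    """True only when root can log in with a password."""
    value, _ = effective_permit_root_login(config_text, version)
    return value == "yes"


if __name__ == "__main__":
    for name, cfg in (("absent", SAMPLE_ABSENT), ("explicit", SAMPLE_EXPLICIT)):
        print(name, effective_permit_root_login(cfg, "1:7.4p1-10+deb9u1"))
```

On a live host, `sshd -T` prints the configuration sshd actually uses, including defaults, and is the authoritative source when it can be run.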

