Howdy all,
Running RHEL 6.x, in /etc/ssh/sshd_config we find "#PermitRootLogin yes" - the
default is permitted. I added to my rkhunter.conf the
"ALLOW_SSH_ROOT_USER=yes" override - however, it seems the program logic is
such it doesn't evaluate the override IF it cannot find the PermitRootLogin
value in sshd_config.
Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'yes'.
Checking if SSH root access is allowed [ Warning ]
Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
If I uncomment the line in sshd_config then my allow override works and my
system isn't flagged with the unhappy red text! ;)
Suggestion:
Change the logic flow so even if rkhunter cannot find PermitRootLogin in
sshd_config IF the allow override is in place then don't flag a warning.
Apologies if someone already suggested this.
S
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
