Good day Root Kit Hunter's.. I have run into a bit of a configuration issue,
that does not seem to like being resolved.. I have several other hosts running
with the exact same configuration that do not produce any SSHD warnings. The
biggest difference is that I recently added the sshd service to our puppet
server for this particular host, so the file is new, which I understand
requires a --propupd.
OS: Centos 6.5
RKHunter Scan Log
[10:09:51] Warning: The SSH and rkhunter configuration options should be the
same:
[10:09:51] SSH configuration option 'PermitRootLogin': no
[10:09:51] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
grep PermitRootLogin /etc/ssh/sshd_config
PermitRootLogin no
grep ALLOW_SSH_ROOT /etc/rkhunter.conf
ALLOW_SSH_ROOT_USER="no" (have also tried no without quotes, and I also tried
without-password in both places as well)
I have searched both RKhunter.conf and SSHD_Config for extra whitespace and
anything else out of the ordinary, and ran the scans the following ways, all
after sshd restarts, and I even went so far as to reboot the host.
Rkhunter -update && rkhunter -propupd && rkhunter -c -sk
Or
rkhunter -propupd && rkhunter -c -sk
And for good measure
rkhunter -c -sk and without the -sk as well.
Any ideas out there?
John Massey
Senior Network Engineer
Vistronix, Inc.
------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
