I forgot to mention the most annoying aspect of the bug, which is that
there is no workaround.
If I change rkhunter's configuration file to use "permitrootlogin" (all
lower-case), somewhat unsurprisingly, the problem still occurs.
[09:34:26] Info: Found SSH /etc/ssh/sshd_config configuration file:
[09:34:26] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'permitrootlogin'.
[09:34:26] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
[09:34:26] Checking if SSH root access is allowed [ Warning ]
[09:34:26] Warning: The SSH and rkhunter configuration options should be the
same:
[09:34:26] SSH configuration option 'PermitRootLogin': yes
[09:34:26] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER':
permitrootlogin
But, surely, if we change the directive in the SSH configuration file,
and even restart the SSH daemon, the problem will be solved! Nope,
wrong.
[09:39:11] Info: Found SSH /etc/ssh/sshd_config configuration file:
[09:39:11] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'permitrootlogin'.
[09:39:11] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
[09:39:11] Checking if SSH root access is allowed [ Warning ]
[09:39:11] Warning: The SSH and rkhunter configuration options should be the
same:
[09:39:11] SSH configuration option 'PermitRootLogin': yes # <--- This
is wrong! The sshd_config file contains "permitrootlogin"!
[09:39:11] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER':
permitrootlogin
So, we're stuck with a warning on every run, with no means by which to
suppress it effectively. This renders the tool useless.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1548432
Title:
rhkunter interprets mixed-case directive incorrectly in configuration
file(s)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1548432/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
