Displaying 20 results from an estimated 6000 matches similar to: "sshd: ssh_config default setting - PermitRootLogin yes"
2009 Apr 04
3
[Bug 1586] New: [FEATURE REQ] PermitRootLogin and restricting to specific hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1586
Summary: [FEATURE REQ] PermitRootLogin and restricting to
specific hosts
Product: Portable OpenSSH
Version: 5.2p1
Platform: amd64
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Miscellaneous
2006 Aug 09
4
[Bug 1216] Warn via Logwatch when sshd PermitRootLogin is in effect
http://bugzilla.mindrot.org/show_bug.cgi?id=1216
Summary: Warn via Logwatch when sshd PermitRootLogin is in effect
Product: Portable OpenSSH
Version: 4.3p2
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
2003 Jan 29
2
PermitRootLogin=yes no longer lets root login
Hi All,
While testing another patch, I found that I could not longer log in as
root, even if PermitRootLogin was yes. It seems to be the following
code in auth_password:
$ cvs diff -r1.48 -r1.49 auth-passwd.c
[snip]
#ifndef HAVE_CYGWIN
- if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
+ if (pw->pw_uid == 0 && options.permit_root_login !=
2005 Jan 20
1
PermitRootLogin without-password functionality differs for UsePAM yes/no option
Hi,
I am using OpenSSH 3.9p1. For " UsePAM yes/no " option with "
PermitRootLogin without-password", the server functionality differs.
For " UsePAM yes ", the server allows authentication thru password,
meanwhile " UsePAM no " does not. I have fixed that problem and the
patch is given below.
2002 Aug 12
1
PermitRootLogin=forced-commands-only does not work with UsePrivilegeSeparation=yes
Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only
does not work if UsePrivilegeSeparation is enabled; but it does work if privsep
is disabled.
Here are excerpts of debug from the server.
-----------UsePrivilegeSeparation DISABLED-------
...
Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M
debug1: restore_uid^M
debug1: ssh_dss_verify:
2008 Feb 07
1
"PermitRootLogin no" fails
I'm running version 4.7p1 of OpenSSH on a Linux system (it was
originally a RedHat system, but I've changed almost everything.) When
I originally built OpenSSH I used the config option --without-pam, and
installed the software in /usr/local. I explicitly forbade root login
with sshd (by setting the PermitRootLogin to "no" in the sshd_config
file), but found that I could login as
2013 Jan 14
3
[Bug 2061] New: Request for PermitRootLogin to be enforced prior to credential check
https://bugzilla.mindrot.org/show_bug.cgi?id=2061
Bug ID: 2061
Summary: Request for PermitRootLogin to be enforced prior to
credential check
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.1p1
Hardware: Other
OS: OpenBSD
Status: NEW
Severity: enhancement
2003 Nov 17
1
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwords
Greetings,
I know that part of the following has been discussed here before but
please bear with me.
We are running on Solaris versions 2.6 - 9 with a NISplus name service.
The permissions on the NISplus password map have been modified to
limit read access to the encrypted password field of the passwd table
to only the entry owner and the table administrators. See:
2015 Sep 02
3
[Bug 2456] New: gssapi-keyex blocked by PermitRootLogin=without-password
https://bugzilla.mindrot.org/show_bug.cgi?id=2456
Bug ID: 2456
Summary: gssapi-keyex blocked by
PermitRootLogin=without-password
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sshd
2015 Feb 20
6
[Bug 2354] New: please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354
Bug ID: 2354
Summary: please document that PermitRootLogin really checks for
uid=0
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Documentation
2003 Feb 06
2
[Bug 486] New: "PermitRootLogin no" can implicitly reveal root password
http://bugzilla.mindrot.org/show_bug.cgi?id=486
Summary: "PermitRootLogin no" can implicitly reveal root password
Product: Portable OpenSSH
Version: 3.5p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at
2003 May 06
0
[Bug 486] "PermitRootLogin no" can implicitly reveal root password
http://bugzilla.mindrot.org/show_bug.cgi?id=486
cjwatson at debian.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From cjwatson at debian.org 2003-05-06 10:08
2015 Aug 19
3
[Bug 2445] New: Fix gssapi-with-mic support when is set to PermitRootLogin without-password
https://bugzilla.mindrot.org/show_bug.cgi?id=2445
Bug ID: 2445
Summary: Fix gssapi-with-mic support when is set to
PermitRootLogin without-password
Product: Portable OpenSSH
Version: 7.0p1
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: sshd
2013 Oct 23
7
[Bug 2164] New: PermitRootLogin=without-password as default
https://bugzilla.mindrot.org/show_bug.cgi?id=2164
Bug ID: 2164
Summary: PermitRootLogin=without-password as default
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2006 Feb 13
2
PermitRootLogin proplem
Hi all,
I think that there is a security problem with the PermitRootLogin
option.
I asked an root ssh connection:
$ ssh root at machine
root at machine's password:
I typed no password, this prompt stayed in place.
In a second time, I changed the PermitRootLogin to no, and then restart
ssh server.
Third, I typed the password on the previous prompt, and the access was
allowed.
I then
2004 Mar 22
1
PermitRootLogin issues
Hello,
I'm currently experiencing the issue laid out in this thread from last year:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106908815129641&w=2
The discussion that ensued resulted in a number of ideas on how best to
'fix' this issue. The two that seemed most reasonable were:
1. implement a pubkey-only option to PermitRootLogin that would only
allow root to login
2005 Mar 07
3
[Bug 995] PermitRootLogin by IP address block specification
http://bugzilla.mindrot.org/show_bug.cgi?id=995
Summary: PermitRootLogin by IP address block specification
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P3
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2003 Jun 06
1
X11 forwarding after su'ing
> > 3. why not use ssh -X -l <thotheruserIwantedsuto?> <thehost>?
> Maybe, because -l root ain't that nice?
> Philipp
Sorry for refering so late to a (securityfocus) post, but the Subject
has been nagging me for the last month ;-) Problem was how to keep your
DISPLAY, xauth and security (no 'ssh root at host' over the net) when
changing users remotely
2012 Jul 05
2
[Bug 1846] New: wishlist: [PATCH] sshd_config - reformat for easier reading
https://bugzilla.mindrot.org/show_bug.cgi?id=1846
Priority: P2
Bug ID: 1846
Assignee: unassigned-bugs at mindrot.org
Summary: wishlist: [PATCH] sshd_config - reformat for easier
reading
Severity: enhancement
Classification: Unclassified
OS: All
Reporter: jari.aalto at cante.net
2015 Feb 21
2
"PermitRootLogin no" should not proceed with root login
Steps to reproduce:
1) PermitRootLogin no in sshd_config
2) login with "root" user from other host
Present behaviour:
1) it asks for password 3 times and only then close the connection.
2) cpu consumption during bruteforce "attacks".
Expected behaviour:
Immediate disconnect/login fail
Workaround is to change ssh port, or ban IP after some login fails, or
limit IP that can