Page 1 of 1

ssh root login

Posted: Fri Jul 22, 2016 7:09 am
by hatahata
hi all.
i rewrite /ets/sshd_config

Code: Select all

cat /etc/ssh/sshd_config | grep Root
PermitRootLogin no
  
at present i can still do root login by ssh-client on dietpi openssh-server .
how to prevent it ?

this may damage the usage of dietpi as server .
ssh is very convinient for remote manipulation .

---
regards

Re: ssh root login

Posted: Fri Jul 22, 2016 4:29 pm
by Fourdee
hatahata wrote:hi all.
i rewrite /ets/sshd_config

Code: Select all

cat /etc/ssh/sshd_config | grep Root
PermitRootLogin no
  
at present i can still do root login by ssh-client on dietpi openssh-server .
how to prevent it ?

this may damage the usage of dietpi as server .
ssh is very convinient for remote manipulation .

---
regards
Did you restart the ssh service after making those changes?

Code: Select all

service ssh restart

Re: ssh root login

Posted: Fri Jul 22, 2016 5:25 pm
by hatahata
thanks.

i did
/etc/init.d/ssh restart

Code: Select all

  

comment-out.bat /etc/ssh/sshd_config
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 1024
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes

Code: Select all

cat comment-out.bat                     
awk '$1 !~ "#"{print}' $1 | awk 'NF >0 {print}' -
-----------------
regards