Bug#865972: #865972 - same problem of false positive regarding PermitRootLogin parameter

2017-08-09 Thread Francois Marier
On 2017-08-08 at 18:57:25, Jean-Marc wrote:
> So, if the default value "prohibit-password" is secure enough, maybe changing
> this line
>
> ALLOW_SSH_ROOT_USER=unset
>
> can solve this.

It looks fine to me, but I'm not entirely sure that we should stop recommending that root logins be

Bug#865972: #865972 - same problem of false positive regarding PermitRootLogin parameter

2017-08-08 Thread Jean-Marc
Dear Maintainers,

Another similar problem hits the PermitRootLogin parameter. The openssh-server in Debian testing / Buster (Version: 1:7.4p1-10+deb9u1) sets prohibit-password as default value for the PermitRootLogin parameter. If not present in the sshd_config file, rkhunter considers the

Bug#865972: #865972

2017-08-08 Thread Demetris Demetriou
The solution to this problem is changing the default configuration for rkhunter, would appreciate it if the change was implemented ASAP instead of waiting for the next version 3 years down the road:

File /etc/rkhunter.conf:
(line 320) From: #ALLOW_SSH_PROT_V1=0
(line 320) To: