Hi Jim, I will give it a bash. I did some reading up on the subject of root logins yesterday. Apparently, (according to what I read), the /etc/securetty does not restrict root from logging in to your system via SSH on port 22, even if you empty the securetty file completely. This is not a bug, but a feature (no, serious!).
You were right though - changing 'PermitRootLogin' in sshd_config *does* make a world of difference ! Jason ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, July 05, 2003 6:00 PM Subject: Seawolf-list digest, Vol 1 #1746 - 2 msgs > Send Seawolf-list mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > https://www.redhat.com/mailman/listinfo/seawolf-list > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Seawolf-list digest..." > > > Today's Topics: > > 1. Re:compiling kernel (shane c branch) > 2. RE:remote ssh denied (James P. Roberts) > > --__--__-- > > Message: 1 > Date: Fri, 04 Jul 2003 15:57:48 -0400 > From: "shane c branch" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: compiling kernel > Reply-To: [EMAIL PROTECTED] > > > > *********** REPLY SEPARATOR *********** > > On 7/1/2003 at 1:55 AM [EMAIL PROTECTED] wrote: > > >I am trying to compile the 2.4.20 kernel to include video4linux support > >and I > >am having a problem. I run in the following order > > > >make menuconfig > >---and set the option for v4l > > > >make dep > > > >make clean > > > >make bzImage > > > >make modules > > > >make modules_install > > > > > >at the end of the procedure I have a bzImage file and i have a 2.4.20 > >directory off of /lib/modules but it is almost empty. I noticed that > >while > >running 'make modules' > >it was constantly reporting 'nothing to do for directory xxx' I'm not > >shure > >I ever saw it compile anything. Thanks for any help. BB > > > > > >_______________________________________________ > >Seawolf-list mailing list > >[EMAIL PROTECTED] > >https://www.redhat.com/mailman/listinfo/seawolf-list > > I don't know how to help with your problem, but FWIW you can run all those > commands on the same line > # make dep clean;make bzImage modules modules_install > > regards, > > shane > > > > --__--__-- > > Message: 2 > From: "James P. Roberts" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: RE:remote ssh denied > Date: Fri, 4 Jul 2003 16:42:00 -0400 > Organization: Punster Productions, Inc. > Reply-To: [EMAIL PROTECTED] > > > Thanks, Jim. > > > > I'm not in the US, and it's going to be quite a long while > > before we have a holiday .... and no prizes for guessing > > what I'll be doing while some individuals on > > this list are going to be drinking beers and munching > > hotdogs ;) > > > > B.T.W. I forgot to mention the /etc/securetty file. > > I wonder if that's what is causing it? This file > > looks like it is used to restrict root logins, but I > > am not sure how it's logic works, or whether I need to > > send a SIGHUP to some bloomin' daemon after editing > > it. The file contains a list terminal devices, so probably > > these are the terminals it (accepts?) root logins from. > > > > Interestingly, the /etc/securetty file on my > > RH 7.1 server contains tty1 thru to 8, but I can > > still use PuTTY to access it remotely. As per usual, this > > server was set up by someone else, and it's > > our (my) job to administer it. > > > > Jason > > > > My first guess was that a remote putty session would use a tty, but on my > system, instead of tty#, it is using pts/#. (I did a ps -ax to see this). > Interesting. So much for gut instinct. I checked my own /etc/securetty, but > there was no mention of any "pts". "man securetty" says the file is used by > login() to specify which terminals root can log into. > > Personally, I disallow direct login as root through ssh. However, once I am > logged in as an ordinary user, I can "su" to root (even though the terminal I > am [apparently] on is not one of the tty's listed in /etc/securetty). Go > figure. Have you tried this? > > I wonder if maybe pts/# is an alias for a tty? I still have so much to learn. > > Jim > > > > > --__--__-- > > _______________________________________________ > Seawolf-list mailing list > [EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/seawolf-list > > > End of Seawolf-list Digest _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/seawolf-list
