rkhunter warning about ssh root access when that access is not allowed on the system

The following values need to match:

  1. In rkhunter configuration:

    grep ALLOW_SSH_ROOT_USER /etc/rkhunter.conf
    
    ALLOW_SSH_ROOT_USER=no
    
  2. In sshd configuration:

    grep PermitRootLogin /etc/ssh/sshd_config
    
    PermitRootLogin no
    

Once they do match, you should not be warned by rkhunter any longer.


If you have set the following in your /etc/ssh/sshd_config:

    PermitRootLogin without-password

then the value in /etc/rkhunter.conf must match again, as in the following example:

    ALLOW_SSH_ROOT_USER=without-password
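
The comparison described above, written as a script. This is an added example, not rkhunter's own check and not part of the original answer. The function names are hypothetical, taking the last `ALLOW_SSH_ROOT_USER` entry is an assumption, and `Include` files and `Match` blocks in sshd_config are not evaluated.

```shell
#!/bin/sh
# Added example: compare sshd's PermitRootLogin with rkhunter's
# ALLOW_SSH_ROOT_USER. Function names are hypothetical.

# Global PermitRootLogin from an sshd_config file. sshd keywords are
# case-insensitive and the first value obtained is used. Parsing stops at
# the first Match block, whose settings only apply conditionally.
sshd_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print $2; found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# ALLOW_SSH_ROOT_USER from an rkhunter.conf file. Assumption: if the option
# appears more than once, the last entry is the one taken.
rkhunter_root_user() {
    awk -F= '
        /^[ \t]*#/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "ALLOW_SSH_ROOT_USER" { val = $2; gsub(/[ \t"]/, "", val); found = 1 }
        END { print (found ? val : "unset") }
    ' "$1"
}

# Usage: check_root_login_match SSHD_CONFIG RKHUNTER_CONF
# Returns 0 on match, 1 on mismatch, 2 if either option is not set.
check_root_login_match() {
    ssh_val=$(sshd_root_login "$1")
    rkh_val=$(rkhunter_root_user "$2")
    echo "sshd=$ssh_val rkhunter=$rkh_val"
    # An option that is not set explicitly falls back to a default that this
    # script does not model, so report it instead of comparing.
    [ "$ssh_val" != unset ] && [ "$rkh_val" != unset ] || return 2
    [ "$ssh_val" = "$rkh_val" ]
}

# Constructed sample files; on a real host pass /etc/ssh/sshd_config and
# /etc/rkhunter.conf instead.
demo=$(mktemp -d)
printf '#PermitRootLogin yes\nPermitRootLogin without-password\n' > "$demo/sshd_config"
printf 'ALLOW_SSH_ROOT_USER=no\n' > "$demo/rkhunter.conf"
check_root_login_match "$demo/sshd_config" "$demo/rkhunter.conf" || echo "exit status: $?"
rm -rf "$demo"
```

The constructed sample reproduces the situation that triggers the warning: sshd is set to `without-password` while rkhunter still expects `no`, so the check ends with exit status 1.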