-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Steven Buehler
Sent: Monday, May 09, 2011 2:19 PM
To: redhat-list@xxxxxxxxxx
Subject: ssh allowing root login with no password

I am trying to set up our servers to only allow logins with a public/private key pair. Two of our machines have to have root login access with ssh, and on the rest we will log in as another account and su to root. I just started with this company, and on their boxes, which range from version 5.1 to 5.5, if I open up the firewall to allow ssh access from anywhere, I can ssh to root without a password.

The only uncommented lines in /etc/ssh/sshd_config are the following:

    Protocol 2
    SyslogFacility AUTHPRIV
    PasswordAuthentication no
    ChallengeResponseAuthentication no
    GSSAPIAuthentication yes
    GSSAPICleanupCredentials yes
    UsePAM no
    PubkeyAuthentication yes
    AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
    AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
    AcceptEnv LC_IDENTIFICATION LC_ALL
    GatewayPorts yes
    X11Forwarding yes
    Subsystem sftp /usr/libexec/openssh/sftp-server

I'm hoping that someone can lead me in the right direction, as I can't figure this one out. If this was only one machine, I would assume that it might have been hacked, but this is all of their servers and VMs that will allow me to ssh to them without a login/password and get into root. Luckily, they have always had their (supposedly, anyway) iptables set to only allow access from specific IPs.

Thanks
Steve

[[Brad Sites]]
I would look in /root/.ssh. I bet they have an authorized_keys file there along with known_hosts. That is where I would start looking.

-Brad

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
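An added audit helper for the two things the thread points at (it is not code from either poster): it lists the entries sshd would accept from a copy of /root/.ssh/authorized_keys, and it reports the effective PermitRootLogin value from an sshd_config, since the posted config never sets that keyword and sshd of that era defaults it to "yes" when it is absent. File paths and the sample inputs at the bottom are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original thread): audit why a key-only root
# login can succeed. Two checks: which keys an authorized_keys file accepts,
# and the effective PermitRootLogin value in an sshd_config.
# Inputs are file paths; the samples at the bottom are constructed.

# One line per active key entry: "<type>\t<restricted|unrestricted>\t<comment>".
# Entries may carry leading options (from=, command=, ...); the key type is the
# first field that looks like one. Options containing spaces are not handled.
list_authorized_keys() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' | awk '{
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp[0-9]+)$/) {
                comment = ""
                for (j = i + 2; j <= NF; j++)
                    comment = comment (j > i + 2 ? " " : "") $j
                opts = (i > 1) ? "restricted" : "unrestricted"
                print $i "\t" opts "\t" comment
                break
            }
        }
    }'
}

count_authorized_keys() {
    list_authorized_keys "$1" | wc -l | tr -d ' '
}

# sshd uses the first uncommented value of a keyword; a commented-out
# "#PermitRootLogin yes" is only a hint, and OpenSSH of the RHEL 5 era
# defaults to "yes" when the keyword is absent. Handles "Keyword value" form.
effective_permit_root_login() {
    awk 'tolower($1) == "permitrootlogin" && val == "" { val = $2 }
         END { print (val == "" ? "yes" : val) }' "$1"
}

# Constructed sample inputs (key material is fake); on a real host point the
# functions at /root/.ssh/authorized_keys and /etc/ssh/sshd_config instead.
sample=$(mktemp -d)
cat > "$sample/authorized_keys" <<'EOF'
# key left behind by a previous admin
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAfakekeymaterial1 olderadmin@example
from="10.0.0.5",command="/usr/bin/backup" ssh-dss AAAAB3NzaC1kc3MAAACBAfake2 backup@host

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIfakekeymaterial3
EOF
printf 'Protocol 2\n#PermitRootLogin yes\nPasswordAuthentication no\nPubkeyAuthentication yes\n' > "$sample/sshd_config"

echo "root keys accepted: $(count_authorized_keys "$sample/authorized_keys")"
list_authorized_keys "$sample/authorized_keys"
echo "effective PermitRootLogin: $(effective_permit_root_login "$sample/sshd_config")"
```

Any entry reported here is a credential that logs in as root with no password, which is exactly the behaviour the original post describes; unrecognised keys should be removed and the file's owner and mode checked.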