Hi!
I'm a somewhat beginner to...although I did compile my first driver the other day (yay!)
Anyway, here's my relevant log sections:
[13:43:47] /usr/sbin/rkhunter [ Warning ]
[13:43:47] Warning: The command '/usr/sbin/rkhunter' has been replaced and is not a script: /usr/sbin/rkhunter: a /bin/sh script text executable
[13:45:57] Checking '/etc/xinetd.d/saned' for enabled services [ Warning ]
[13:46:14] Warning: The SSH and rkhunter configuration options should be the same:
[13:46:14] SSH configuration option 'PermitRootLogin': without-password
[13:46:14] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
Any help how to fix these is appreciated. The last one is really worrying, how do I disable root login via ssh?
I've had these same warnings myself.
The first one about /usr/sbin/rkhunter I think is due to rkhunter -c being run for the first time.
I checked it via google and to my knowledge it's a false alarm.
You can get rid of it by editing /etc/rkhunter.conf. Add the last line of the following (bold).
SCRIPTWHITELIST=/usr/bin/GET
SCRIPTWHITELIST=/usr/bin/groups
SCRIPTWHITELIST=/usr/bin/ldd
SCRIPTWHITELIST=/usr/bin/whatis
SCRIPTWHITELIST=/sbin/ifup
SCRIPTWHITELIST=/sbin/ifdown
SCRIPTWHITELIST=/bin/egrep
SCRIPTWHITELIST=/bin/fgrep
SCRIPTWHITELIST=/etc/.aumixrc
SCRIPTWHITELIST=/usr/sbin/rkhunter
I think the second warning is also false. Googled that too.
Add the next to /etc/rkhunter.conf (again the bold line):
# Allow the following enabled xinetd services. Whilst it would be
# nice to use the service names themselves, at the time of testing
# we only have the pathname available. As such, these entries are
# the xinetd file pathnames.
# Only one service (file) per line (use multiple XINETD_ALLOWED_SVC lines).
#
#XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
XINETD_ALLOWED_SVC=/etc/xinetd.d/saned
Notice there's no hash at the beginning of the added lines.
For the third warning, about SSH root login, I found a solution somewhere on the web for changing the login to not permitted. I'm sorry, but I can't remember how it was done right now.
Anyway, I got it changed to not permitted, but a few days later it had somehow changed to permitted again (maybe updating PCLinuxOS does that?).
I may be wrong, but I don't think it's an issue.
I'll get back to that later.
After you've edited /etc/rkhunter.conf, try running rkhunter -c to see if those two warnings have gone.
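The third warning in the log is rkhunter comparing sshd's 'PermitRootLogin' with its own 'ALLOW_SSH_ROOT_USER'. The script below is an added example, not part of the original posts: it reads both settings and reports whether they agree. The function names and the sample files are made up for illustration, and Match blocks in sshd_config are not handled.

```shell
#!/bin/sh
# Added example: report whether sshd's PermitRootLogin and rkhunter's
# ALLOW_SSH_ROOT_USER agree, which is what the third warning is about.

# Print the first uncommented value of KEY in FILE, lower-cased, or "unset".
# Accepts "Key value" (sshd_config) and "KEY=value" (rkhunter.conf).
# sshd uses the first value it finds; a single rkhunter assignment is assumed.
conf_value() {  # $1 = file, $2 = key
    awk -F'[ \t=]+' -v key="$2" '
        { sub(/^[ \t]+/, "") }             # drop indentation, re-split fields
        /^#/ || NF < 2 { next }            # skip comments and bare words
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }' "$1"
}

# Compare the two settings; return 1 when they differ.
check_root_login() {  # $1 = sshd_config path, $2 = rkhunter.conf path
    ssh_val=$(conf_value "$1" PermitRootLogin)
    rkh_val=$(conf_value "$2" ALLOW_SSH_ROOT_USER)
    if [ "$ssh_val" = "$rkh_val" ]; then
        echo "match: $ssh_val"
    else
        echo "mismatch: sshd=$ssh_val rkhunter=$rkh_val"
        return 1
    fi
}

# Constructed sample files mirroring the values shown in the log above.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# constructed sample' 'Port 22' \
        'PermitRootLogin without-password' > "$dir/sshd_config"
    printf '%s\n' '#ALLOW_SSH_ROOT_USER=yes' \
        'ALLOW_SSH_ROOT_USER=no' > "$dir/rkhunter.conf"
    check_root_login "$dir/sshd_config" "$dir/rkhunter.conf"
    status=$?
    rm -rf "$dir"
    return "$status"
}
demo || true
```

On a real system, call check_root_login /etc/ssh/sshd_config /etc/rkhunter.conf (the first path is the usual OpenSSH location, assumed here), then edit whichever file holds the wrong value so the two agree.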