(SOLVED) Rkhunter warning

[Dragynn]

Edit /etc/rkhunter.conf
find the line
     ALLOW_SSH_ROOT_USER=no
and change to read
     ALLOW_SSH_ROOT_USER=without-password

Regards
Andy

Hi Andy, and thanks for the info, but actually I wanted to make not allowing root log-in to SSH persist, not change the rkhunter file to match what seems to be the default setting for ssh.

Forgive my noobness, but what would I possibly use SSH for anyway? And why does sshd start with every boot despite the fact that i've unchecked the "boot" tab in the services control panel?

Wouldn't having SSH set to "without-password" be a security risk?

Thanks again for any help!

[7272andy]

If memory serves, SSH (Secure Shell) is an encrypted networking protocol operating over a secure channel between two machines; it's not perfect, but it's close. It's normally used by administrators to access remote machines. e.g. The administrator could log in and reboot the corporate e-mail server while still at home.

If you look around the forum you'll find it in use by other members to access remote servers or other machines in order to perform housekeeping, access files or to provide remote desktop help.

SSH without password allows you to login to a remote machine automatically in situations where entering a password may not be possible or appropriate (e.g from a shell script). In this case authentication is managed by keys generated when you first setup the link.

I don't think this is a big risk to your system (at least I've seen no evidence to suggest it is), I don't know why it starts if you've unchecked it in the Services panel, hopefully someone with more nouse than me can explain that (and correct me if I've made any mis-statements above).

Regards
Andy