Improve sshd detection/logic #262

vpetersson · 2020-02-14T14:53:22Z

Currently, simply check sshd_config to determine if a particular configuration line is present. The problem with that is that it isn't bullet proof, as the default values will vary over versions.

A better way of doing this is to instead rely on the -T option in sshd, which will spit out the current version.

For instance, here we can check for root login:

$ sudo sshd -T | grep permitroot
permitrootlogin without-password

The text was updated successfully, but these errors were encountered:

vpetersson · 2020-03-27T09:50:29Z

@a-martynovich this is done, right?

a-martynovich · 2020-03-27T10:08:07Z

@vpetersson i think we came to an agreement that this is unreliable

vpetersson · 2020-03-27T10:12:43Z

Sorry, yes, you're right. At least for the time being given older distros.

vpetersson added the story-points-unknown Unknown Story Points label Mar 9, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Improve sshd detection/logic #262

Improve sshd detection/logic #262

vpetersson commented Feb 14, 2020

vpetersson commented Mar 27, 2020

a-martynovich commented Mar 27, 2020

vpetersson commented Mar 27, 2020

Improve sshd detection/logic #262

Improve sshd detection/logic #262

Comments

vpetersson commented Feb 14, 2020

vpetersson commented Mar 27, 2020

a-martynovich commented Mar 27, 2020

vpetersson commented Mar 27, 2020