Bug 169678
Summary: | "PermitRootLogin no" fails to prevent scp logins | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Colin Walters <walters> |
Component: | openssh | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED NOTABUG | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-10-04 11:16:58 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Colin Walters
2005-09-30 23:33:22 UTC
"scp /path/to/file root@hostname" is roughly identical to "cp /path/to/file root@hostname" You forgot to put ':' after the hostname. The scp uses ssh to connect to the remote machine so the "PermitRootLogin no" setting must apply to it too. Hi, I do forget to add the colon suffix sometimes, but when that occurs, I always immediately realize my mistake when I don't see the expected remote copy progress output. I didn't add the trailing : in my bug report because I wasn't pasting actual commands, the quotes were misleading there. I think what happened was that at some point during my testing sshd didn't restart correctly and didn't pick up the updated configuration. I do see output in the system logs about it failing to bind to port 22 when I execute "service sshd restart" sometimes. Anyways, more extensive testing has convinced me that PermitRootLogin no does appear to prevent scp logins, so my apologies for taking up your time with the bug. > I do see output in the system logs about it failing to bind to port 22 when I > execute "service sshd restart" sometimes. This is bug 120302 and it should be harmless. |