On Thu 24 Aug 2017 at 21:16:26 +0200, Dejan Jocic wrote: > On 24-08-17, Brian wrote: > > On Thu 24 Aug 2017 at 15:44:30 +0200, Rob van der Putten wrote: > > > > > Hi there > > > > > > > > > On 24/08/17 15:39, Dan Ritter wrote: > > > > > > >As of Stretch, the standard OpenSSH sshd does not support > > > >Protocol 1, so there's no particular reason to enforce it > > > >by stating Protocol 2. > > > > > > I assumed as much. It's just a simple way to keep rkhunter happy. > > > > > > >PermitRootLogin now defaults to "prohibit-password", which > > > >means that you can log in as root with a proper SSH key or > > > >via other methods you have set up, but not with a password. > > > >Another useful argument is forced-commands-only, which requires > > > >both public-key authentication and a command="blah blah" option > > > >in the authorized_keys file, and only allows those commands to > > > >be run. If you've got a pull backup system, that can help. > > > > > > The alternative would be to reconfigure rkhunter. > > > > You could make a start by purging it from your system. It performs no > > useful function. > > > > -- > > Brian. > > > > Could you explain that bit more, please?
apt-get purge rkhunter. Enough?
