ALLOW_SSH_ROOT_USER only looks in main sshd_config, add sshd_config.d

Brought to you by: dogsbody, dogsbodymark

#190 ALLOW_SSH_ROOT_USER only looks in main sshd_config, add sshd_config.d

Milestone: main

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2025-10-08

Created: 2024-12-23

Creator: Justin F. Hallett

Private: No

bookworm (I'm sure other distros as well) added /etc/ssh/sshd_config.d for user changes making package updates easier and cleaner. Sadly when PermitRootLogin is set in a sub config rkhunter doesn't look follow to find it and falsely reports it.

Maybe a way could be added to parse the sshd_config file to find includes?

Discussion

Anton Avramov - 2025-10-08

It's actually a security issue since someone can add PermitRootLogin in /etc/ssh/sshd_config and then override it in /etc/ssh/sshd_config.d/ later on.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

ALLOW_SSH_ROOT_USER only looks in main sshd_config, add sshd_config.d

Group

Searches

Help

#190 ALLOW_SSH_ROOT_USER only looks in main sshd_config, add sshd_config.d

Discussion