Problems with disabling remote root login

UNIX AIX
1

Hello!

I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh.
What i did:

  • in /etc/security/user i added a line:
    rlogin = false
    which works fine when i try to login through telnet
  • after installation of openSSH i edited sshd_config - uncommented line: PermitRootLogin yes
  • restarted sshd: stopsrc -s sshd, startsrc -s sshd
  • then in smit in login controls for root i deleted ALL and added /dev/console (for this i'm not sure if it's correct)

And still I'm able to login remotely as root.

What did i miss?

2

Hey, is it a typo or ... because im able to ban remote login through ssh with PermitRootLogin no.
I belive root login is granted by default (or with PermitRootLogin yes such as your case).

3

OMG!
You'll have to forgive me guys... English is not my mother language, but still I'm speaking it relatively well.
But in this case i don't know what i was thinking. Of course, i know what Permit means, but somehow i was translating it as Deny. :o:o:o

Of course, it works when i set it to No.
Unbelievable!

Tnx, andryk:b:

4

Don't you want to change that to "no"?