file-disable-root-login: Disable SSH Root Login

漏洞描述

Disabling direct root login can help prevent unauthorized users from gaining full control over your system.

PoC代码[已公开]

id: file-disable-root-login

info:
  name: Disable SSH Root Login
  author: pussycat0x
  severity: unknown
  description: |
    Disabling direct root login can help prevent unauthorized users from gaining full control over your system.
  remediation: |
    Set PermitRootLogin no in /etc/ssh/sshd_config to disable root login and restart the SSH service.
  reference:
    - https://vishalraj82.medium.com/hardening-openssh-security-37f5d634015f
    - https://www.tecmint.com/disable-or-enable-ssh-root-login-and-limit-ssh-access-in-linux/
  metadata:
    verified: true
  tags: audit,config,file,ssh

file:
  - extensions:
      - all

    matchers:
      - type: word
        words:
          - "PermitRootLogin yes"
# digest: 4b0a0048304602210095f832f934bcf5d2aa65398bb50cc4d2f81d335f8c2522a05b0922f906e24f39022100e10c5047a0952c1df8f5ce6b985ad5db5454c674cf35cc9e32156c4beebce5b6:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./file/audit/ssh/file-disable-root-login.yaml