SSH login permitted for root - Complete Cloud Security in Minutes - Orca Security

Authentication

SSH login permitted for root

Risk Level

Informational (4)

Platform(s)

N/A

Compliance Frameworks

Description

The SSH configuration on the operation system is set to permit root login. Root login with SSH is vulnerable to brute force attacks, which could result in asset compromise if successful.

Recommended Mitigation

It is recommended to edit the SSH configuration file (/etc/ssh/sshd_config) and change the ""PermitRootLogin"" field from 'yes' to other allowed argument, according to best practices, in order to secure SSH authentication process

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.