Hello Team,
I’ve made changes in ssh_config file for all the 3 app servers. Task passed for app 2 and 3 but failed for app 1. Can someone please check on this.
The only trick here is once you update “PermitRootLogin no” in sshd_config file, you have to restart sshd service to make the changes effective. You might have missed to restart sshd service or update config in app1 server. Check if you have any screenshots with you.
Thanks,
Ram
3 Likes
Thanks Ram for clarifying.
I knew about this way to disable root login, but I choose to change the root’s shell instead to /sbin/nologin. I expected the system checking the result of the task - trying to connect with root or something. It’s not a critisim, I will do this way next time, but with more complex tasks where there are many ways to reach the same goals, maybe this result a lots of unnecessarily failed tasks. Of course it’s also possible I should have known that it’s the preferred method. Is it? Stating: “don’t change the root’s shell” in the task’s description would have helped too. Otherwise I love this “game” and system really works well without issues.
Hi @zboros
We appreciate your concern. The question clearly says Disable direct SSH root login so there should not be any confusion. By changing the login shell of the user you are disabling the login at all, even the local logins but in the task you are only asked to disable the direct SSH logins.
Thank you. You are right of course, I missed the SSH part.
1 Like