Just did cPanel upgrade to v80.0.9. Immediate issues I observed:
1) Security Advisor shows 'SSH direct root logins are permitted' and suggests 'Manually edit /etc/ssh/sshd_config and change PermitRootLogin to “without-password” or “no”, then restart SSH'.
Note: my sshd_config was set to 'no' prior and got changed to 'yes'. I just changed file to 'no' and restarted SSH and same warning in Security Advisor still shows.
2) SSH Password Authorization Tweak was set to 'disabled' prior and got changed to 'enabled'. I changed back to 'disabled'. Regardless of either setting, Security Advisor shows green check as 'disabled'.
I'm concerned that during upgrade, some security settings have been set to less secure settings.
I have rebooted server twice. No changes.
Advice anyone?
Thanks.
Mod Edit Note: The third-question was moved to a separate thread.
1) Security Advisor shows 'SSH direct root logins are permitted' and suggests 'Manually edit /etc/ssh/sshd_config and change PermitRootLogin to “without-password” or “no”, then restart SSH'.
Note: my sshd_config was set to 'no' prior and got changed to 'yes'. I just changed file to 'no' and restarted SSH and same warning in Security Advisor still shows.
2) SSH Password Authorization Tweak was set to 'disabled' prior and got changed to 'enabled'. I changed back to 'disabled'. Regardless of either setting, Security Advisor shows green check as 'disabled'.
I'm concerned that during upgrade, some security settings have been set to less secure settings.
I have rebooted server twice. No changes.
Advice anyone?
Thanks.
Mod Edit Note: The third-question was moved to a separate thread.
Last edited by a moderator: