Page MenuHomeVyOS Platform

"set service ssh allow-root" is not enough to root system-access via ssh
Closed, ResolvedPublic


If we try with user vyos... OK

So, something is missed into system to allow root-ssh-access.

OK. We need to hack /etc/ssh/sshd_config
and change
PermitRootLogin yes.


Difficulty level
Easy (less than an hour)

Event Timeline

syncer added a project: VyOS 1.1.x (1.1.8).
syncer added a subscriber: VyOS 1.1.x (1.1.8).

but if we look at /etc/ssh/sshd_config
there is no
PermitRootLogin yes... and more, if we manually add this line, login as root is not permitted as well.

in "/etc/ssh/sshd_config" we must manually locate the line with "PermitRootLogin" and set to "PermitRootLogin yes".

does not work because in sshd_config the line is not
"PermitRootLogin no" but instead "PermitRootLogin without-password".

So, it does not change anything.

Okay, so maybe we should expand the configuration in that case a little. Let's make it replace whatever value is found and allow all three options in the CLI?

yes, I think so, otherwise allow-root actually has no effect :)

@mdsmds you sure that is not it's intended purpose; scare away people from enabling root on their boxes ;p I'm hoping to have some time soon to do some small stuff like this.

@EwaldvanGeffen I could agree...

  1. completely remove "allow-root" from "set service ssh"


  1. let it really operating

but one of two.