Allowing root ssh logins to Solaris machines

I’ve been away from Solaris for 5 months, but I need some VMs for NFSv4 testing, which means beating my head against modernization such as RBAC, pfexec, and NWAM.

I prefer to treat my lab Unix machines as inter-changable boxes and do all of my configuration up front. I want to be able to do an SSH root login, especially if the system goes out of the way to make that hard.

There are currently 3 things you have to do to violate this security truism on either OpenSolaris or Solaris 11:

1) Modify PermitRootLogin to yes in /etc/ssh/sshd_config.

2) Comment out the “CONSOLE=/dev/console” line in /etc/default/login.

3) Remove “;type=role” from the root entry in /etc/user_attr.

Share