Bug#431627: marked as done (ssh: PermitRootLogin yes??)
On Tue, Jul 03, 2007 at 10:57:04PM +0000, Adam D. Barratt wrote:
> On Tue, 2007-07-03 at 17:17 -0500, Bob Tanner wrote:
> > Did a new install of lenny amd64 and I was surprised that 'PermitRootLogin yes'
> > was the default setting in /etc/ssh/sshd_config. Is there a reason for this? Seems
> > insecure.
>
> As far as I can see, it's been the default since January 2003.
July 2001, actually.
> Please see README.Debian. Specifically:
>
> Having PermitRootLogin set to yes means that an attacker that
> knows the root password can ssh in directly (without having to
> go via a user account). If you set it to no, then they must
> compromise a normal user account. In the vast majority of
> cases, this does not give added security
> [...]
> DO NOT FILE BUG REPORTS SAYING YOU THINK THIS DEFAULT IS
> INCORRECT!
>
> The argument above is somewhat condensed; I have had this
> discussion at great length with many people. If you think the
> default is incorrect, and feel strongly enough to want to
> argue with me about it, then send me email to
> matthew@debian.org. I will close bug reports claiming the
> default is incorrect.
>
> I'm closing this report on the assumption that Colin's opinion is
> similar.
I'm of the same opinion, for much the same reasons as cited at more
length in README.Debian. Note that this is *not* a Debian change; the
upstream default is also to enable PermitRootLogin, and the change in
July 2001 was simply to revert to that.
> If not, the documentation should be updated (which it probably
> should be to remove Matthew's address anyway :)
I think Matthew remains happy to argue with people about it. ;-)
--
Colin Watson [cjwatson@debian.org]
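An added example, not part of the bug report or of the openssh package: a small Python checker that reports the effective PermitRootLogin value of an sshd_config, applying OpenSSH's rule that outside Match blocks the first occurrence of a keyword wins (so a "no" appended below the shipped "yes" is silently ignored). The sample config is constructed for the demonstration.

```python
import re

# Constructed sample sshd_config (hypothetical, not the Debian default file):
# an admin appended "PermitRootLogin no" below the shipped "yes" and added
# a Match block. Only the first global occurrence takes effect.
SAMPLE_SSHD_CONFIG = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
# appended later, expecting it to take effect
PermitRootLogin no
Match Address 192.0.2.0/24
    PermitRootLogin without-password
"""

def parse_permit_root_login(config_text):
    """Return (global_value, match_overrides) for PermitRootLogin.

    Outside Match blocks, the FIRST obtained value of a keyword is used and
    later duplicates are ignored. Inside a Match block the keyword applies
    only to connections matching that block. Keywords are case-insensitive
    and may be separated from their value by whitespace or '='.
    """
    global_value = None
    overrides = []            # list of (match criteria, value)
    current_match = None
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            current_match = value
        elif keyword == "permitrootlogin":
            if current_match is not None:
                overrides.append((current_match, value.lower()))
            elif global_value is None:        # first obtained value wins
                global_value = value.lower()
    return global_value, overrides

def root_login_risk(config_text):
    """Classify the global setting in the terms README.Debian discusses."""
    value, _ = parse_permit_root_login(config_text)
    if value is None:
        return "unset: compiled-in upstream default applies"
    if value == "yes":
        return "root may log in directly with the root password"
    if value in ("without-password", "prohibit-password"):
        return "root may log in with keys only, never a password"
    if value == "forced-commands-only":
        return "root key login restricted to forced commands"
    return "root login disabled; attacker must go via a user account"

if __name__ == "__main__":
    print(parse_permit_root_login(SAMPLE_SSHD_CONFIG))
    print(root_login_risk(SAMPLE_SSHD_CONFIG))
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; the parser above reproduces the first-value rule so the pitfall can be seen offline.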