Bug or policy? [root@maine.com: Debconf: Configuring Ssh -- NOTE: Root Logins disabled by default.]]
I'm thinking there was some discussion about this and not sure if
it is policy or s/b a bug.
Anyway, the system operator running upgrade is not necessarily going to
get this mail in time, particularly in a network installation. In this
case I did not even know that ssh was upgraded until all
the system ssh cron jobs started dying. Hell, if apt asks to upgrade
motd I'd think it could at least warn it's upgrading ssh.
Would it be better to send this as a **warning** and **recommendation**
and not to screw around with config?
>
> ----- Forwarded message from root@maine.com -----
>
> Date: 24 Jul 2000 19:38:22 -0000
> From: root@maine.com
> Subject: Debconf: Configuring Ssh -- NOTE: Root Logins disabled by default.
> To: root@maine.com
>
> This note was sent to you because Debconf was asked to make sure you saw
> it, but Debconf was running in noninteractive mode, or you have told it to
> not pause and show you unimportant notes. Here is the text of the note:
>
> For security reasons, the Debian version of /etc/ssh/sshd_config has
> PermitRootLogin set to ``no'' by default.
>
> You currently have PermitRootLogin set to yes. If you are currently
> relying on being able to log in as root via ssh to access this machine, I
> suggest you start another ssh session now to ensure that you continue to
> have access, because dpkg may be about to change that file for you.
>
> The cheap and nasty approach is to simply edit /etc/ssh/sshd_config once
> ssh is installed, and change this setting back, but I would recommend that
> you instead make sure that you can log in as a non-root user, and can then
> su (or sudo) to root
>
> ----- End forwarded message -----
--
Christopher F. Miller, Publisher cfm@maine.com
MaineStreet Communications, Inc 208 Portland Road, Gray, ME 04039
1.207.657.5078 http://www.maine.com/
Database publishing, e-commerce, office/internet integration, Debian linux.
Reply to: