Re: PermitRootLogin enabled by default
Travis Cole <kelp@plek.org> writes:
> On Wed, Jun 26, 2002 at 02:11:00PM +0200, InfoEmergencias - Luis Gómez wrote:
> > Hi all
> >
> > Messing up with sshd_config for all the privsep stuff, I've
> > noticed that PermitRootLogin was set to yes in my three woody
> > boxes. I usually consider this a problem (although it has been my
> > fault - i should have checked and noticed this much time ago).
> > What do you think of this?
> >
> > IMHO, we'd better set it to no. I always thought it was much
> > better. Is there any landscape in which you may want to allow
> > direct root login to your host?
> I thank my lucky stars every day that it was decided to allow root
> logins by default.
> If it did default to off then I would have to carefully change that
> every single time I upgrade ssh packages, or roll my own ssh
> packages.
Huh? If an upgrade clobbers your configuration without asking you for
permission that is a bug. File a bug report.
Quoting from debian-policy
11.7.3 Behavior
Configuration file handling must conform to the following behavior:
* local changes must be preserved during a package upgrade, and
* configuration files must be preserved when the package is re-
moved, and only deleted when the package is purged.
--
Olaf Meeuwissen EPSON KOWA Corporation, CID
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90
LPIC-2 -- I hack, therefore I am -- BOFH
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: