[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#298138: ssh: PermitRootLogin should defaul to "no"

Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: wishlist


Hello,

On a recent new install, I noticed that sshd had the PermitRootLogin
option set to Yes by default. From a security standpoint, being secure by
default, it would be better to default this option to No.

Regards,
Thijs Kinkhorst

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages ssh depends on:
ii  adduser                     3.59         Add and remove users and groups
ii  debconf                     1.4.30.11    Debian configuration management sy
ii  dpkg                        1.10.27      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-22      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-2     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-3    compression library - runtime

-- debconf information excluded
Reply to: