Bug#403907: marked as done (PermitRootLogin should be disabled by default)

To: Matthew Vernon <matthew@sel.cam.ac.uk>
Subject: Bug#403907: marked as done (PermitRootLogin should be disabled by default)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 20 Dec 2006 09:19:14 -0800
Message-id: <[🔎] handler.403907.D403907.116663387612161.ackdone@bugs.debian.org>
References: <B03B5543-806D-423D-9FD0-D3E97050673A@sel.cam.ac.uk> <[🔎] 20061220161306.6514.27124.reportbug@neurob20.phys.rug.nl>

Your message dated Wed, 20 Dec 2006 16:55:28 +0000
with message-id <B03B5543-806D-423D-9FD0-D3E97050673A@sel.cam.ac.uk>
and subject line Bug#403907: PermitRootLogin should be disabled by default
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: PermitRootLogin should be disabled by default
From: Bas Wijnen <wijnen@debian.org>
Date: Wed, 20 Dec 2006 17:13:06 +0100
Message-id: <[🔎] 20061220161306.6514.27124.reportbug@neurob20.phys.rug.nl>

Package: ssh
Version: 1:4.3p2-7
Severity: wishlist

After installing, /etc/ssh/sshd_config is set to allow root logins.  On 
most systems, it doesn't make sense for root to log in directly.  That 
is, a user should log in and use su or sudo.  If people really need 
direct root logins, they should change their settings.  IMO the default 
should be a secure system, and the users must knowingly open holes in 
it.  That is, if they allow root logins, they will probably set a secure 
root password as well.

Of course this is a matter of taste, which is why I marked it as 
wishlist.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8)

Versions of packages ssh depends on:
ii  openssh-client                1:4.3p2-7  Secure shell client, an rlogin/rsh
ii  openssh-server                1:4.3p2-7  Secure shell server, an rshd repla

ssh recommends no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

To: Bas Wijnen <wijnen@debian.org>, 403907-done@bugs.debian.org

Subject: Re: Bug#403907: PermitRootLogin should be disabled by default

From: Matthew Vernon <matthew@sel.cam.ac.uk>

Date: Wed, 20 Dec 2006 16:55:28 +0000

Message-id: <B03B5543-806D-423D-9FD0-D3E97050673A@sel.cam.ac.uk>

In-reply-to: <[🔎] 20061220161306.6514.27124.reportbug@neurob20.phys.rug.nl>

References: <[🔎] 20061220161306.6514.27124.reportbug@neurob20.phys.rug.nl>
On 20 Dec 2006, at 16:13, Bas Wijnen wrote:

Please read the README.Debian file that comes with ssh.

Matthew

--
Matthew Vernon MA VetMB LGSM MRCVS
Farm Animal Epidemiology and Informatics Unit
Department of Veterinary Medicine, University of Cambridge
http://www.cus.cam.ac.uk/~mcv21/
--- End Message ---

Reply to:

References:
- Bug#403907: PermitRootLogin should be disabled by default
  - From: Bas Wijnen <wijnen@debian.org>

Prev by Date: Bug#403907: PermitRootLogin should be disabled by default
Next by Date: Bug#404134: openssh-server: sshd uses from home directory when copying identity.pub
Previous by thread: Bug#403907: PermitRootLogin should be disabled by default
Next by thread: Bug#404134: openssh-server: sshd uses from home directory when copying identity.pub
Index(es):
- Date
- Thread