Bug#462735: openssh-server: allowing remote root login should be disabled by default

[Michael Gilbert <michael.s.gilbert@gmail.com>]

Package: openssh-server
Version: 1:4.3p2-9
Severity: important

"PermitRootLogin yes" is the default setting in /etc/ssh/sshd_config.
it is considered unwise to allow remote root logins.  hence, the default
should be the safer "PermitRootLogin no" setting, and it should be up to
the user to change this if they feel comfortable with the more lax 
option.

thank you for your consideration.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (600, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-k7
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages openssh-server depends on:
ii  add 3.102                                Add and remove users and groups
ii  deb 1.5.11etch1                          Debian configuration management sy
ii  dpk 1.13.25                              package maintenance system for Deb
ii  lib 2.3.6.ds1-13etch4                    GNU C Library: Shared libraries
ii  lib 1.39+1.40-WIP-2006.11.14+dfsg-2etch1 common error description library
ii  lib 1.4.4-7etch4                         MIT Kerberos runtime libraries
ii  lib 0.79-5                               Pluggable Authentication Modules f
ii  lib 0.79-5                               Runtime support for the PAM librar
ii  lib 0.79-5                               Pluggable Authentication Modules l
ii  lib 1.32-3                               SELinux shared libraries
ii  lib 0.9.8c-4etch1                        SSL shared libraries
ii  lib 7.6.dbs-13                           Wietse Venema's TCP wrappers libra
ii  ope 1:4.3p2-9                            Secure shell client, an rlogin/rsh
ii  zli 1:1.2.3-13                           compression library - runtime

openssh-server recommends no packages.

-- debconf information excluded