Bug#462735: marked as done (openssh-server: allowing remote root login should be disabled by default)
Your message dated Sat, 26 Jan 2008 21:31:35 -0800
with message-id <874pczrg08.fsf@windlord.stanford.edu>
and subject line Bug#462735: openssh-server: allowing remote root login should be disabled by default
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: openssh-server
Version: 1:4.3p2-9
Severity: important
"PermitRootLogin yes" is the default setting in /etc/ssh/sshd_config.
it is considered unwise to allow remote root logins. hence, the default
should be the safer "PermitRootLogin no" setting, and it should be up to
the user to change this if they feel comfortable with the more lax
option.
thank you for your consideration.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (600, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-k7
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages openssh-server depends on:
ii add 3.102 Add and remove users and groups
ii deb 1.5.11etch1 Debian configuration management sy
ii dpk 1.13.25 package maintenance system for Deb
ii lib 2.3.6.ds1-13etch4 GNU C Library: Shared libraries
ii lib 1.39+1.40-WIP-2006.11.14+dfsg-2etch1 common error description library
ii lib 1.4.4-7etch4 MIT Kerberos runtime libraries
ii lib 0.79-5 Pluggable Authentication Modules f
ii lib 0.79-5 Runtime support for the PAM librar
ii lib 0.79-5 Pluggable Authentication Modules l
ii lib 1.32-3 SELinux shared libraries
ii lib 0.9.8c-4etch1 SSL shared libraries
ii lib 7.6.dbs-13 Wietse Venema's TCP wrappers libra
ii ope 1:4.3p2-9 Secure shell client, an rlogin/rsh
ii zli 1:1.2.3-13 compression library - runtime
openssh-server recommends no packages.
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Michael Gilbert <michael.s.gilbert@gmail.com> writes:
> Package: openssh-server
> Version: 1:4.3p2-9
> Severity: important
>
> "PermitRootLogin yes" is the default setting in /etc/ssh/sshd_config.
> it is considered unwise to allow remote root logins. hence, the default
> should be the safer "PermitRootLogin no" setting, and it should be up to
> the user to change this if they feel comfortable with the more lax
> option.
Closing per /usr/share/doc/openssh-server/README.Debian.gz. Please follow
the instructions in that file if you feel that you can present a new
argument for changing it.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
--- End Message ---
Reply to: