Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password
From: Patrice Duroux <patrice.duroux@gmail.com>
Date: Thu, 13 Feb 2025 21:03:46 +0100
Message-id: <[🔎] 173947702682.9667.4232360568047209915.reportbug@kos-moceratops>
Reply-to: Patrice Duroux <patrice.duroux@gmail.com>, 1095922@bugs.debian.org

Package: openssh-server
Version: 1:9.9p1-3
Severity: wishlist

Dear Maintainer,

Currently, here is what sshd says on my system:

$ grep -i root /etc/ssh/sshd_config ; echo "---" ; sshd -V ; sshd -T | grep -i
root
#PermitRootLogin prohibit-password
# the setting of "PermitRootLogin prohibit-password".
#ChrootDirectory none
---
OpenSSH_9.9p1 Debian-3, OpenSSL 3.4.1 11 Feb 2025
permitrootlogin without-password
chrootdirectory none

Regarding https://man.openbsd.org/sshd_config#PermitRootLogin, the default is:
prohibit-password
and not its deprecated alias:
without-password

Could this be an oversight?

Regards,
Patrice


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.12.13-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  adduser                    3.137
ii  debconf [debconf-2.0]      1.5.89
ii  init-system-helpers        1.68
ii  libaudit1                  1:4.0.2-2+b1
ii  libc6                      2.40-6
ii  libcom-err2                1.47.2-1
ii  libcrypt1                  1:4.4.38-1
ii  libgssapi-krb5-2           1.21.3-4
ii  libkrb5-3                  1.21.3-4
ii  libpam-modules             1.7.0-3
ii  libpam-runtime             1.7.0-3
ii  libpam0g                   1.7.0-3
ii  libselinux1                3.8-3
ii  libssl3t64                 3.4.1-1
ii  libwrap0                   7.6.q-35
ii  openssh-client             1:9.9p1-3
ii  openssh-sftp-server        1:9.9p1-3
ii  procps                     2:4.0.4-7
ii  runit-helper               2.16.4
ii  sysvinit-utils [lsb-base]  3.14-1
ii  ucf                        3.0049
ii  zlib1g                     1:1.3.dfsg+really1.3.1-1+b1

Versions of packages openssh-server recommends:
ii  libpam-systemd [logind]  257.2-3
ii  ncurses-term             6.5+20250125-2
ii  xauth                    1:1.1.2-1.1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  ssh-askpass   <none>
pn  ufw           <none>

-- debconf information excluded

Reply to:

Follow-Ups:
- Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password
  - From: Colin Watson <cjwatson@debian.org>
- Processed: Re: Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#1095800: marked as done (openssh-server: /etc/pam.d/sshd has deprecated reading of user environment enabled)
Next by Date: Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password
Previous by thread: Bug#1095800: marked as done (openssh-server: /etc/pam.d/sshd has deprecated reading of user environment enabled)
Next by thread: Bug#1095922: openssh-server: sshd -T still show a deprecated alias: without-password
Index(es):
- Date
- Thread