Re: Root SSH permitted by default (was: how does root run a graphical prog)
On Mon, May 20, 2002 at 01:37:49PM -0500, Jamin W. Collins wrote:
> On Mon, 20 May 2002 19:01:50 +0100
> "Colin Watson" <cjwatson@debian.org> wrote:
> > Not in woody and sid, at least. See the paragraphs in
> > /usr/share/doc/ssh/README.Debian headed "PermitRootLogin set to yes".
>
> Man, talk about a bad stance to take. Personally, I'd say this is a bug
> in the default configuration. However, it appears that the package
> maintainer does not agree:
*sigh*
Like the document says, regularly su'ing to root from an account makes
compromising that account essentially equivalent to compromising root
anyway. I don't see a problem with the default configuration, and nor do
OpenSSH upstream.
> DO NOT FILE BUG REPORTS SAYING YOU THINK THIS DEFAULT IS INCORRECT!
>
> SSH should not be installed to permit root logins or password auth by
> default.
I can safely say that this is a pointless discussion; I know the
maintainer, and he's not going to change his mind. If you disagree,
you're free to change the configuration for yourself.
--
Colin Watson [cjwatson@flatline.org.uk]
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: