Re: passwordless ssh root logins stopped working after testing dist-upgrade

To: debian-user@lists.debian.org
Subject: Re: passwordless ssh root logins stopped working after testing dist-upgrade
From: Stephen Powell <zlinuxman@wowway.com>
Date: Tue, 6 Apr 2010 16:14:48 -0400 (EDT)
Message-id: <[🔎] 1646579125.1476531270584888497.JavaMail.root@md01.wow.synacor.com>
In-reply-to: <[🔎] 4BBB7983.2010503@pinyon.org>

On Tue, 6 Apr 2010 14:12:19 -0400 (EDT), Russell L. Carter wrote:
>
> I dist-upgraded yesterday and ssh root logins started requiring a
> password.

OK, I'll bite.  Not that this is any of my business, but why do you
allow *root* logins via *ssh* _without_ a password.  Isn't that dangerous?
At my shop, our policy is that root is not allowed to login via ssh
at all.  root can only login from the system console.  To login as
root via ssh, one must login as a normal user first, then su to root.
But you not only allow root to login via ssh, you don't even require
a password!  That sounds like a security hole big enough to drive a
tank through!  Would you mind explaining why you do this?

-- 
  .''`.     Stephen Powell    <zlinuxman@wowway.com>
 : :'  :
 `. `'`
   `-

Reply to:

Follow-Ups:
- Re: passwordless ssh root logins stopped working after testing dist-upgrade
  - From: Jordan Metzmeier <titan8990@gmail.com>

References:
- passwordless ssh root logins stopped working after testing dist-upgrade
  - From: "Russell L. Carter" <rcarter@pinyon.org>

Prev by Date: Re: passwordless ssh root logins stopped working after testing dist-upgrade
Next by Date: Re: Umont ownership?
Previous by thread: Re: passwordless ssh root logins stopped working after testing dist-upgrade
Next by thread: Re: passwordless ssh root logins stopped working after testing dist-upgrade
Index(es):
- Date
- Thread