[Bug 1887016] Re: Openssh default config has two PasswordAuthentication params
Launchpad Bug Tracker
1887016 at bugs.launchpad.net
Sun Sep 13 04:17:14 UTC 2020
[Expired for openssh (Ubuntu) because there has been no activity for 60
days.]
** Changed in: openssh (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1887016
Title:
Openssh default config has two PasswordAuthentication params
Status in openssh package in Ubuntu:
Expired
Bug description:
In Ubuntu server 20.04 the /etc/ssh/sshd_config file has an additional
`PasswordAuthentication yes` string in the end.
It can lead to security problems, because there's already one string
`# PasswordAuthentication yes` in the beginning of the file. It is
supposed to be uncommented if it's needed to change the default value.
But if the user uncomments this string and set in to "no", it will be
overriden by the last line of config.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1887016/+subscriptions
More information about the foundations-bugs
mailing list