[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin -> NO
Lars Noodén
larsnooden at openoffice.org
Thu Jan 21 18:22:25 GMT 2010
Hmm. Wishlist is not the right category for a bug.
Mathias, defaulting PermitRootLogin to "no" improves the layered process
of 'security' for the default installation by adding another layer of
protection and not relying on the hope that the root account will always
remain disabled. Correcting the default setting for that directive adds
an additional line of defense should the root account become activated,
something which is easily done by accident, curiosity or misguided
attempts at solving other problems. You can work that out for yourself.
My own recent anecdotes show that, on the Ubuntu forums and when dealing
with about 150 students (from 2006-2009) whom I guided in laboratory
exercises involving Ubuntu, root accounts do get activated.
You can go to the page at the first link above to the people who write
OpenSSH and read what they recommend: defaulting PermitRootLogin to no.
Does that answer your question?
See also
http://wiki.centos.org/HowTos/Network/SecuringSSH#head-
9c01429983dccbf74ade8674815980dc6434d3ba
https://calomel.org/openssh.html
http://www.linux.com/archive/feature/119744/
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
More information about the Ubuntu-server-bugs
mailing list