[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin -> NO

Kees Cook kees at ubuntu.com
Thu Jan 21 20:01:54 GMT 2010

"authoritative resources"?  I'm inferring that you think my use of a
simple diagram tool to help illustrate this bug is somehow
inappropriate?  And yes, I know what layered security is.  :)

Please understand that the PermitRootLogin config default is not a new
issue.  I'm trying to make sure everyone can have the same language to
discuss it, as this has traditionally been what has derailed discussions
before.  Also, I did not mention in my first comment, but I support
changing this setting.  That said, Ubuntu tries to make its decisions
via consensus, which this issue does not have.  I'm hoping to build such
a consensus.

The primary concern I have is for the safety of Ubuntu users, though it
must be balanced against usability.  A default system doesn't even have
openssh-server installed (it is, of course, installed on nearly all
server systems).  A system _with_ openssh-server does not allow root
login because the root user's password is locked.  Therefore, the bulk
of Ubuntu users are protected already from root-targeted SSH brute-force

This bug is explicitly about the behavior of an already non-default
system (openssh-server installed, root password enabled).  For this
minority of Ubuntu systems, the PermitRootLogin setting currently
creates a problem for the people that aren't thinking about how brute
forcing might compromise them (i.e. people that did not understand the
implications of enabling the strongly discouraged root password).
Changing the setting protects these people and gets in the way of people
that do not know how to change PermitRootLogin to "yes".

OpenSSH server sshd_config PermitRootLogin -> NO
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.

More information about the Ubuntu-server-bugs mailing list