[Bug 2164] New: PermitRootLogin=without-password as default

bugzilla-daemon at natsu.mindrot.org bugzilla-daemon at natsu.mindrot.org
Thu Oct 24 10:40:16 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=2164

            Bug ID: 2164
           Summary: PermitRootLogin=without-password as default
           Product: Portable OpenSSH
           Version: 6.2p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: phil at hands.com

The current default of PermitRootLogin=yes encourages packagers
(specifically, to my knowledge, the Debian Maintainers) to ship
packages that default to PermitRootLogin=yes.

I would like to suggest that either the default be changed to
without-password to encourage packagers downstream to do likewise.

Alternatively, a recommendation could be added to the README saying that
packagers should not ship packages that default to PermitRootLogin=yes,
but should rather default future installs to without-password, and that
where practical they should try to ensure that upgrades (at least) warn
people that they are allowing root password guessing attacks, when that
is the case.

Of course, there is a problem with simply changing this default for
upgrades, because some people will be logged in via a root
password-authenticated login to do the upgrade, and may lose access to
the system if the default were changed on them without warning.

This idea is apparently uncontroversial, if one judges from the
response here:

http://lists.mindrot.org/pipermail/openssh-unix-dev/2013-October/031689.html

Might I suggest that if there are objections after all, that they
should probably be explored in that thread, rather than clogging up the
bug tracking system.

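The report turns on two settings interacting: PermitRootLogin and whichever
password-carrying authentication methods sshd has enabled. The script below
is an added example, written for this page; it is not code from the bug
report, from Debian or from OpenSSH. It reads an sshd_config text with
sshd's first-occurrence-wins rule, assumes the OpenSSH 6.2p1-era defaults
discussed in the report (PermitRootLogin yes, PasswordAuthentication yes,
ChallengeResponseAuthentication yes) when a keyword is absent, looks at the
global section only, and reports whether root is exposed to password
guessing. The sample configs are constructed for the example. (For
context: OpenSSH 7.0 later changed the shipped default to prohibit-password,
with without-password kept as an alias.)

```shell
#!/bin/sh
# Added example, not part of the bug report or of OpenSSH: audit an
# sshd_config text for root password-guessing exposure.
# Rules implemented:
#   - keywords are case-insensitive and "Keyword value" or "Keyword=value"
#     are both accepted; the FIRST occurrence of a keyword wins, as in sshd;
#   - only the global section is read: parsing stops at the first "Match"
#     line (has_match_block lets the caller know one exists);
#   - assumed defaults when a keyword is absent are the 6.2p1-era ones the
#     report describes: PermitRootLogin yes, PasswordAuthentication yes,
#     ChallengeResponseAuthentication yes.

# effective_value CONFIG_TEXT KEYWORD
# Prints the lowercased value of the first global occurrence of KEYWORD,
# or nothing if the keyword is not set.
effective_value() {
    printf '%s\n' "$1" | awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ { next }                     # whole-line comment
        { sub(/^[ \t]+/, ""); n = split($0, f, /[ \t=]+/) }
        n == 0 || f[1] == "" { next }           # blank line
        tolower(f[1]) == "match" { exit }       # end of the global section
        tolower(f[1]) == key { print tolower(f[2]); exit }   # first wins
    '
}

# has_match_block CONFIG_TEXT -> exit 0 if a Match block is present
has_match_block() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*[Mm][Aa][Tt][Cc][Hh][ \t]/ { found = 1 }
        END { exit found ? 0 : 1 }
    '
}

# root_password_guessable CONFIG_TEXT -> prints "yes" or "no"
# Root is only guessable when root login is fully allowed AND some
# password-carrying method (password, or keyboard-interactive via PAM) is on.
root_password_guessable() {
    prl=$(effective_value "$1" PermitRootLogin);               prl=${prl:-yes}
    pw=$(effective_value "$1" PasswordAuthentication);         pw=${pw:-yes}
    cr=$(effective_value "$1" ChallengeResponseAuthentication); cr=${cr:-yes}
    if [ "$prl" = yes ] && { [ "$pw" = yes ] || [ "$cr" = yes ]; }; then
        echo yes
    else
        echo no
    fi
}

# session_at_risk UID SSH_CONNECTION_VALUE -> "yes" if this looks like a
# root-over-ssh session, the case the report warns could be locked out by a
# default change applied during an upgrade.
session_at_risk() {
    if [ "$1" = 0 ] && [ -n "$2" ]; then echo yes; else echo no; fi
}

# Constructed sample configs (not taken from any real host or package).
WEAK_CONFIG='# defaults of the era described in the report
Port 22
PermitRootLogin yes
PasswordAuthentication yes
'
HARDENED_CONFIG='PermitRootLogin=without-password
# a later duplicate is ignored: the first occurrence wins
PermitRootLogin yes
PasswordAuthentication yes
'
IMPLICIT_CONFIG='Port 22
# PermitRootLogin not set: falls back to the assumed default of yes
PasswordAuthentication no
ChallengeResponseAuthentication no
Match User backup
    PasswordAuthentication yes
'

main() {
    for name in WEAK_CONFIG HARDENED_CONFIG IMPLICIT_CONFIG; do
        eval "cfg=\$$name"
        printf '%-16s root password guessable: %s' "$name" "$(root_password_guessable "$cfg")"
        has_match_block "$cfg" && printf ' (Match block present, not evaluated)'
        printf '\n'
    done
    printf 'current session at risk: %s\n' "$(session_at_risk "$(id -u)" "${SSH_CONNECTION:-}")"
}
main
```

On a live host, prefer `sshd -T`, which prints the effective global
configuration after sshd has parsed it, over re-parsing the file yourself;
the parser above exists to make the first-occurrence and default rules
explicit. A packager applying the report's suggestion during an upgrade
would run the session_at_risk check first and warn rather than silently
flip the setting.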