Announce: OpenSSH 6.9 released

Christian Kujau lists at nerdbynature.de
Sun Jul 5 06:33:13 AEST 2015


On Tue, 30 Jun 2015, Damien Miller wrote:
>  * The default for the sshd_config(5) PermitRootLogin option will
>    change from "yes" to "no".

At the risk of re-opening an old bike-shedding debate: why not change the 
default to "without-password" or to "forced-commands-only"? With 
PermitRootLogin=no, users will change to "yes" as soon as they notice that 
root cannot login any more. Changing the default to the other options 
would promote these and users might be inclined to adopt these and also 
make use of PubkeyAuthentication instead of passwords.

My 2 cents,
Christian.
-- 
BOFH excuse #176:

vapors from evaporating sticky-note adhesives


More information about the openssh-unix-dev mailing list