Announce: OpenSSH 6.9 released
Matthew Vernon
matthew at debian.org
Wed Jul 22 00:57:28 AEST 2015
Philipp Marek <philipp.marek at linbit.com> writes:
> > Future Deprecation Notice
> > =========================
> >
> > The 7.0 release of OpenSSH, due for release in late July, will
> > deprecate several features, some of which may affect compatibility
> > or existing configurations. The intended changes are as follows:
> >
> > * The default for the sshd_config(5) PermitRootLogin option will
> > change from "yes" to "no".
> Uh, wouldn't "without-password" be a better alternative than "no"?
I agree (quite strongly) - it's not like an admin is going to
accidentally set up an authorized_keys file for root. PermitRootLogin
without-password seems the correct default - it stops password-attacks
on root and makes it easy for admins to set up key-based access.
Regards,
Matthew
--
"At least you know where you are with Microsoft."
"True. I just wish I'd brought a paddle."
http://www.debian.org
More information about the openssh-unix-dev
mailing list