PermitRootLogin default (was: "PermitRootLogin no" should not proceed with root login)
Philip Hands
phil at hands.com
Sun Feb 22 10:36:10 AEDT 2015
tot-to <tot-to at tot-to.com> writes:
...
> I aclually have a related question about the reasoning:
> Why "PermitRootLogin no" is not a default option?
"without-password" is the right default IMO, as suggested some time ago:
https://bugzilla.mindrot.org/show_bug.cgi?id=2164
(and considerably earlier in Debian circles ;-) )
I'm glad to say that the default for the Debian package has finally
switched to "without-pasword" for new installs in our upcoming release.
I'd suggest it is pretty irresponsible allowing the default to remain as
"yes" here upstream, especially given how popular brute-force attacks
are these days.
Given that nobody came up with any argument to maintain "Yes" as the
default in response to that bug it seems a bit of a shame that inertia
is apparently the controlling factor here.
Cheers, Phil.
--
|)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd.
|-| http://www.hands.com/ http://ftp.uk.debian.org/
|(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150221/c9bb358f/attachment.bin>
More information about the openssh-unix-dev
mailing list