Abotu setting 'PermitRootLogin=no' in sshd_config
Florian Weimer
fweimer at redhat.com
Fri Nov 21 07:54:38 UTC 2014
On 11/21/2014 08:34 AM, Jan Kratochvil wrote:
> On Fri, 21 Nov 2014 08:11:27 +0100, P J P wrote:
>> Does it make sense to disable remote root login by default? If so, do we
>> need to just report it to the maintainer or it would be treated as
>> a feature?
>
> Almost all of my Fedora installations are test VMs where any security is
> irrelevant.
>
> Just my use case, not saying if it is good or bad in general.
I think it's a valid use case, but rather poorly supported at the
moment. For example, there should be completely seemless SSH login from
virt-manager for user-manageable virtual machines (both as root and the
user).
My point is that once we address this (most likely through some
configuration generation during VM setup), we can also switch
PermitRootLogin on.
--
Florian Weimer / Red Hat Product Security
More information about the devel
mailing list