Abotu setting 'PermitRootLogin=no' in sshd_config
Juan Orti
juan.orti at miceliux.com
Fri Nov 21 08:17:26 UTC 2014
El 2014-11-21 08:49, Christian Rose escribió:
> 2014-11-21 8:11 GMT+01:00 P J P <pj.pandit at yahoo.co.in>:
>
>> Sshd(8) daemon by default allows remote users to login as root.
>>
>> 1. Is that really necessary?
>> 2. Lot of users use their systems as root, without even creating
>> a non-root user.
>> Such practices need to be discouraged, not allowing remote
>> root login could be
>> useful in that.
>>
>> Does it make sense to disable remote root login by default? If so,
>> do we need to just report it to the maintainer or it would be
>> treated as a feature?
>
> IIRC, the main reason for PermitRootLogin being enabled by default was
> to prevent a remote server from becoming inaccessible in cases such as
> a network mounted /home suddenly becoming unavailable.
>
Also, the creation of a user is not enforced at installation, so you'll
need to login as root in those cases
--
Juan Orti
https://miceliux.com
More information about the devel
mailing list