Abotu setting 'PermitRootLogin=no' in sshd_config
P J P
pj.pandit at yahoo.co.in
Tue Nov 25 15:45:08 UTC 2014
> On Tuesday, 25 November 2014 8:53 PM, Kevin Fenzi wrote:
> > On Tue, 25 Nov 2014 09:56:59 -0500
> Simo Sorce wrote:
>
>> We can install machine w/o user accounts, removing the ability to log
>> in as root via ssh means those machines will not be accessible.
>
> This has been the reason this hasn't been changed the last few times
> someone proposed to change it.
>
> I don't know how many folks do installs with no user config, but it's
> definitely possible right now and that could mean they wouldn't be able
> to reach their instance. We could of course change that so creating a
> new user is forced, but I'm really not sure it's that much advantage.
>
>> If you want to remove root access that should be conditionally done at
>> firstboot only if a user account was created.
>
> This seems a more reasonable place to look to change this, I agree.
True, this concern has been raised before. We need to ensure that user creates at least one non-root user account; firstboot is just the right place to ensure that.
---
Regards
-Prasad
http://feedmug.com
More information about the devel
mailing list