Abotu setting 'PermitRootLogin=no' in sshd_config
Gabriel Ramirez
gabriello.ramirez at gmail.com
Tue Nov 25 16:29:56 UTC 2014
On 11/25/2014 09:45 AM, P J P wrote:
>> On Tuesday, 25 November 2014 8:53 PM, Kevin Fenzi wrote:
>>> On Tue, 25 Nov 2014 09:56:59 -0500
>> Simo Sorce wrote:
>>
>>> We can install machine w/o user accounts, removing the ability to log
>>> in as root via ssh means those machines will not be accessible.
>> This has been the reason this hasn't been changed the last few times
>> someone proposed to change it.
>>
>> I don't know how many folks do installs with no user config, but it's
>> definitely possible right now and that could mean they wouldn't be able
>> to reach their instance. We could of course change that so creating a
>> new user is forced, but I'm really not sure it's that much advantage.
>>
>>> If you want to remove root access that should be conditionally done at
>>> firstboot only if a user account was created.
>> This seems a more reasonable place to look to change this, I agree.
>
> True, this concern has been raised before. We need to ensure that user creates at least one non-root user account; firstboot is just the right place to ensure that.
no need to create a user account in *all* installs
I have a server which only runs several VM's with specific services, no
need user accounts in the host or in the VM's,
so you propose when I reiinstall any of them create a user account in
each of them,
that will cause boot the first time change to permit root login and
delete the *forced* user account
and the server is hosted remotely, so if anything is wrong with it I can
only access via ssh
so this *feature change* is no simple,
More information about the devel
mailing list