Abotu setting 'PermitRootLogin=no' in sshd_config
Aditya Patawari
aditya at adityapatawari.com
Fri Nov 21 07:25:57 UTC 2014
On Fri, Nov 21, 2014 at 12:41 PM, P J P <pj.pandit at yahoo.co.in> wrote:
> Hello,
>
> Sshd(8) daemon by default allows remote users to login as root.
>
> 1. Is that really necessary?
> 2. Lot of users use their systems as root, without even creating a non-root user.
> Such practices need to be discouraged, not allowing remote root login could be
> useful in that.
>
> Does it make sense to disable remote root login by default? If so, do we need to just report it to the maintainer or it would be treated as a feature?
Being a Fedora user on my personal machine as well as maintainer of a
few Fedora machines in production environment, I would gladly welcome
this. Many people do disable root login anyway. Having it default
would be a positive step from security stand point.
More information about the devel
mailing list