Abotu setting 'PermitRootLogin=no' in sshd_config

Florian Weimer fweimer at redhat.com
Fri Nov 21 07:54:38 UTC 2014

On 11/21/2014 08:34 AM, Jan Kratochvil wrote:
> On Fri, 21 Nov 2014 08:11:27 +0100, P J P wrote:
>> Does it make sense to disable remote root login by default? If so, do we
>> need to just report it to the maintainer or it would be treated as
>> a feature?
> Almost all of my Fedora installations are test VMs where any security is
> irrelevant.
> Just my use case, not saying if it is good or bad in general.

I think it's a valid use case, but rather poorly supported at the 
moment.  For example, there should be completely seemless SSH login from 
virt-manager for user-manageable  virtual machines (both as root and the 

My point is that once we address this (most likely through some 
configuration generation during VM setup), we can also switch 
PermitRootLogin on.

Florian Weimer / Red Hat Product Security

More information about the devel mailing list