Abotu setting 'PermitRootLogin=no' in sshd_config
Kevin Fenzi
kevin at scrye.com
Tue Nov 25 15:23:22 UTC 2014
On Tue, 25 Nov 2014 09:56:59 -0500
Simo Sorce <simo at redhat.com> wrote:
> We can install machine w/o user accounts, removing the ability to log
> in as root via ssh means those machines will not be accessible.
This has been the reason this hasn't been changed the last few times
someone proposed to change it.
I don't know how many folks do installs with no user config, but it's
definitely possible right now and that could mean they wouldn't be able
to reach their instance. We could of course change that so creating a
new user is forced, but I'm really not sure it's that much advantage.
> If you want to remove root access that should be conditionally done at
> firstboot only if a user account was created.
This seems a more reasonable place to look to change this, I agree.
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141125/18df167c/attachment.sig>
More information about the devel
mailing list