Abotu setting 'PermitRootLogin=no' in sshd_config

Simo Sorce simo at redhat.com
Tue Nov 25 17:25:54 UTC 2014

On Tue, 25 Nov 2014 17:05:59 +0000 (UTC)
P J P <pj.pandit at yahoo.co.in> wrote:

>   Hi,
> > On Tuesday, 25 November 2014 10:00 PM, Gabriel Ramirez wrote:
> > I have a server which only runs several VM's with specific
> > services,  no need user accounts in the host or in the VM's,
> > 
> > so you propose when I reiinstall any of them create a user account
> > in each of them, that will cause boot the first time change to
> > permit root login and delete the *forced* user account
> > 
> > and the server is hosted remotely, so if anything is wrong with it
> > I can only access via ssh so this *feature change* is no simple,
>   True, it is complex.
> Maybe we could have an option in firstboot(and other such places) by
> which user can override the default non-root account creation. Ie.
> Say a user is prompted to create non-root user account; He/she can
> choose to override it and not create one. In such workflow, he/she is
> warned about the possible lockout situation and duly advised to
> explicitly enable remote root login in sshd_config(5).
> (Just a thought)

If the user is not created you do not change the sshd_config defaults
and let root log in.
Simple, and does not break current kickstarts.


Simo Sorce * Red Hat, Inc * New York

More information about the devel mailing list