Abotu setting 'PermitRootLogin=no' in sshd_config
Simo Sorce
simo at redhat.com
Tue Nov 25 17:25:54 UTC 2014
On Tue, 25 Nov 2014 17:05:59 +0000 (UTC)
P J P <pj.pandit at yahoo.co.in> wrote:
> Hi,
>
> > On Tuesday, 25 November 2014 10:00 PM, Gabriel Ramirez wrote:
> > I have a server which only runs several VM's with specific
> > services, no need user accounts in the host or in the VM's,
> >
> > so you propose when I reiinstall any of them create a user account
> > in each of them, that will cause boot the first time change to
> > permit root login and delete the *forced* user account
> >
> > and the server is hosted remotely, so if anything is wrong with it
> > I can only access via ssh so this *feature change* is no simple,
>
>
> True, it is complex.
>
> Maybe we could have an option in firstboot(and other such places) by
> which user can override the default non-root account creation. Ie.
> Say a user is prompted to create non-root user account; He/she can
> choose to override it and not create one. In such workflow, he/she is
> warned about the possible lockout situation and duly advised to
> explicitly enable remote root login in sshd_config(5).
>
> (Just a thought)
If the user is not created you do not change the sshd_config defaults
and let root log in.
Simple, and does not break current kickstarts.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the devel
mailing list