Abotu setting 'PermitRootLogin=no' in sshd_config
Petr Spacek
pspacek at redhat.com
Wed Nov 26 13:37:04 UTC 2014
On 25.11.2014 18:25, Simo Sorce wrote:
> On Tue, 25 Nov 2014 17:05:59 +0000 (UTC)
> P J P <pj.pandit at yahoo.co.in> wrote:
>
>> Hi,
>>
>>> On Tuesday, 25 November 2014 10:00 PM, Gabriel Ramirez wrote:
>>> I have a server which only runs several VM's with specific
>>> services, no need user accounts in the host or in the VM's,
>>>
>>> so you propose when I reiinstall any of them create a user account
>>> in each of them, that will cause boot the first time change to
>>> permit root login and delete the *forced* user account
>>>
>>> and the server is hosted remotely, so if anything is wrong with it
>>> I can only access via ssh so this *feature change* is no simple,
>>
>>
>> True, it is complex.
>>
>> Maybe we could have an option in firstboot(and other such places) by
>> which user can override the default non-root account creation. Ie.
>> Say a user is prompted to create non-root user account; He/she can
>> choose to override it and not create one. In such workflow, he/she is
>> warned about the possible lockout situation and duly advised to
>> explicitly enable remote root login in sshd_config(5).
>>
>> (Just a thought)
>
> If the user is not created you do not change the sshd_config defaults
> and let root log in.
> Simple, and does not break current kickstarts.
+1 This is a good idea. I maintain a lot of throw-away VMs which are installed
automatically and creating yet another local account just to make someone
happy would be really annoying.
--
Petr^2 Spacek
More information about the devel
mailing list