F22 System Wide Change: Set sshd(8) PermitRootLogin=no
Chuck Anderson
cra at WPI.EDU
Thu Jan 8 13:48:58 UTC 2015
On Thu, Jan 08, 2015 at 08:43:48AM -0500, Stephen Gallagher wrote:
> Can we clarify something here? Is this a request to change the defaults
> globally for all Products/nonproduct installs?
>
> I would argue that it could be sensible to do this for Workstation and
> non-product installs, but not for Server and Cloud.
>
> In the Server case, nearly every deployment is headless. Disabling root
> login to ssh by default would mean that many people would have no way to
> get into the system at all. (Yes, we could force the creation of a
> non-root user at install time, but this user would by necessity be an
> administrator capable of becoming root via sudo, so the distinction
> is... fuzzy). The only other approach I could see for the headless
> servers would be mandating the enrollment in an identity domain at
> installation time (such as to FreeIPA or Active Directory).
Having a non-root account with sudo is already more secure because the
attacker would have to guess the username in addition to the password.
> Neither of those approaches is anything like ideal, so I would argue
> that Server should continue to operate with the SSH root login being
> available by default, but perhaps add documentation to the install guide
> recommending to disable it if other accounts are available; perhaps even
> by adding a simple kickstart directive (but no UI element) to accomplish
> this.
I disagree. I think requiring a non-root account w/Admin to be
created is the best way to go.
More information about the devel
mailing list