F22 System Wide Change: Set sshd(8) PermitRootLogin=no
Miloslav Trmač
mitr at redhat.com
Thu Jan 8 18:52:59 UTC 2015
> > > The only other approach I could see for the headless
> > > servers would be mandating the enrollment in an identity domain at
> > > installation time (such as to FreeIPA or Active Directory).
> >
> > And in this scenario we should absolutely disable PermitRootLogin.
>
> So that if you have issues with the connector, you have to reboot the
> machine and be physically present to fix anything.
>
> Not really a grand plan IMO.
Earlier in the discussions I was told that this is not really an issue: in production, about every server with remote access also has a KVM.
Mirek
More information about the devel
mailing list