F22 System Wide Change: Set sshd(8) PermitRootLogin=no
Chris Murphy
lists at colorremedies.com
Wed Jan 14 06:06:26 UTC 2015
On Tue, Jan 13, 2015 at 10:53 PM, P J P <pj.pandit at yahoo.co.in> wrote:
> Hello Simo,
>
> > On Wednesday, 14 January 2015 2:29 AM, Simo Sorce wrote:
> > Sorry this is false. You got enough emails telling you this
> > change is undesirable, that's the definition of opposition
> > and means you have no _consensus_.
>
>
> IIUC, that was for disabling remote root access completely with
> 'PermitRootLogin=no'.
> As the 'PermitRootLoing=without-password' option seems more preferred. As
> for the emails,
> many folks have also said that it is a useful change.
>
Assuming this applies to Server, with no change to Workstation (sshd
remains disabled by default, and 'PermitRootLogin=yes'). Otherwise I
predict the people who systemctl enable/start sshd and still can't get it
work are going to be irritated they have to also go edit a configuration
file. So they're going to be annoyed, and thwart the very thing the
proposal is trying to prevent. It's pretty unlikely these users are going
to instead learn to use key authentication. And if they aren't willing to
do that, why is it anyone else's responsibility to baby sit them?
--
Chris Murphy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150113/955e3a70/attachment.html>
More information about the devel
mailing list