About sshd(8) PermitRootLogin=no
P J P
pj.pandit at yahoo.co.in
Tue Nov 25 08:04:38 UTC 2014
Hello Tomas, all
> On Monday, 24 November 2014 6:27 PM, Tomas Mraz wrote:
> The reason the root login with password was kept allowed was the support
> for vnc installation without kickstart as it was previously impossible
> to create regular user in anaconda. Now that anaconda allows to create
> regular user accounts we could disable sshd root login with password. We
> just need to properly advertise that.
True; that's manageable.
> The only remaining problem is for systems which have been installed
> previously and have only root login and someone upgrades them to new
> Fedora release. Here the system would be made inaccessible by the
> openssh-server rpm upgrade from the old Fedora to F22.
>
> I am afraid there is no easy solution for the problem above.
Ummn for Fedora upgrades, maybe in OpenSSH %post install section we could display a bold warning message about this change, so that the user is aware of it. This message could be removed in the subsequent updates to the OpenSSH package.
---
Regards
-Prasad
http://feedmug.com
More information about the security
mailing list