[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin -> NO
Lars Noodén
larsnooden at openoffice.org
Thu Jan 21 19:32:09 GMT 2010
Thank you for the cheezburger link, Kees. From it, I am starting to
understand more about how decisions are made in the Ubuntu project and
the authoritative resources drawn upon to help make informed decisions.
Anyhow, those that somehow get the impression that they want to log in
as root can always set the PermitRootLogin directive in /etc/sshd_config
from 'no' to 'yes'
What use-case is there for remote root login that cannot already be met by a tuned sudoers?
Use of sudo allows further compartmentalization of access and privilege.
"Layering security defenses in an application can reduce the chance of a successful attack...
so that if one layer of defense turns out to be inadequate, another layer of defense will hopefully prevent a full breach. "
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/principles/347-BSI.html
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
More information about the Ubuntu-server-bugs
mailing list