[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin -> NO

[Mathias Gug]

On Fri, Jan 22, 2010 at 08:26:58PM -0000, Lars Noodén wrote:
> "The default Ubuntu Server install does *not* have openssh-server
> installed."
> 
> Ok, then that's a separate bug needing a separate bug report.
>

As outlined on the Security Team policies [1]

  No Open Ports

  Default installations of Ubuntu must have no listening network services after
  initial install. Exceptions to this rule include network infrastructure
  services such as the DHCP client and mDNS (Avahi/ZeroConf, see
  ZeroConfPolicySpec for implementation details and justification). When
  installing Ubuntu Server, the administrator can, of course, select specific
  services to install beyond the defaults (e.g. Apache). 

[1]: https://wiki.ubuntu.com/SecurityTeam/Policies

So there is no need to open a new bug report about this. If you want to discuss
this policy I'd recommend to send your proposal to the ubuntu-devel@ mailing
list. A bug report is definitely not the best option to have your thoughts on
that matter heard.
 
> Nearly all installations of the openssh-server package, I am guessing
> then, are on the Ubuntu Server or an alternate install tuned to be
> rather like the Ubuntu Server.  Is there a way of getting the popularity
> contest data to examine package installation frequency and finding
> groupings or clusters of daemons commonly installed together?
>

I don't think so. It's hard to measure what is installed and what is not. As
consequence anyone's numbers are as accurate as anyone else's.
 
> Mathias, did comment #2 answer your question about setting PermitRootLogin to NO as default would improve the
> default openssh-server installation?
> 

Yes - thanks.

-- 
Mathias Gug
Ubuntu Developer  http://www.ubuntu.com

-- 
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.