[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin -> NO

[candyban]

Mathias,

> Could you elaborate how defaulting PermitRootLogin to no would improve the
> default installation?

It does not pass a "makes sense" sensor (at least not mine). It actually alarmed me a for a minute into thinking there may be a backdoor into my system. (I double checked /etc/shadow to make sure)
The improvement comes from a more consistent and logical system/configuration.

Colin,

> If upstream are so convinced that this is a bad idea, then I doubt they would have made PermitRootLogin default to yes! I do 
> not intend to deviate from upstream in the Debian or Ubuntu packaging on this matter. If you want this changed, convince 
> upstream.

If you do not want to be BETTER than upstream, then what's the point of
a derivative distro? In OSS philosophy you can/should report to upstream
and have it fixed there so it benefits everyone, but when a setting
doesn't make sense, it just doesn't make sense and should be changed
IMHO.

For anyone not wanting to change it: What is the reasoning behind
setting PermitRootLogin to "yes" other than "upstream does it too"?

-- 
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.