Ubuntu
openssh package

PermitRootLogin should not be set to yes by default

Bug #28305 reported by Brian Beck
This bug report is a duplicate of:  Bug #45416: PermitRootLogin. Edit Remove
6
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Invalid
Medium
Colin Watson

Bug Description

In the file /etc/ssh/sshd_config the PermitRootLogin directive is set to yes by
default. Seeing that you don't configure a root user by default I'm not certain
that it makes sense.

Thanks.

Revision history for this message
Colin Watson (cjwatson) wrote :

Since we don't configure a root user by default, it's harmless by default. In
case you do configure a root user, the comments in
/usr/share/doc/openssh-server/README.Debian.gz apply (specifically that you
should be just as paranoid about root-equivalent users as you are about root
anyway). This is the upstream default and I don't intend to change it, although
you are of course welcome to change it on your systems.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.