PermitRootLogin
Bug #45416 reported by
Matti Lindell
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Invalid
|
Wishlist
|
Unassigned |
Bug Description
To increase security and somewhat follow conventions described on
https:/
/etc/ssh/
PermitRootLogin should be set to false by default.
To post a comment you must log in.
This has been discussed many times before and rejected. Note that this is also the upstream default. PermitRootLogin allows you to have an audit trail of public keys used to log in to the root account rather than having to figure out which account escalated to root; furthermore on a system where the root password is enabled, it is appropriate to log in directly since otherwise the account you use to escalate to root is essentially root-equivalent. In Ubuntu's default configuration, it makes no difference whether PermitRootLogin is enabled or not, so the comments in RootSudo do not apply here.