It has been fixed upstream:
http://www.openssh.com/txt/release-6.9
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/510732
Title:
OpenSSH server sshd_config PermitRootLogin -> NO
To manage notificati
This one can probably be closed since the default is now
"PermitRootLogin without-password" and that's close enough.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/510732
Title:
OpenSSH server sshd_c
The entirety of the discussion seems to say there's no intention to
change the current defaults. Why is this 'wishlist', not 'wontfix' or
somesuch?
** Changed in: openssh (Ubuntu)
Status: Confirmed => Opinion
--
You received this bug notification because you are a member of Ubuntu
Bugs, w
Yes, it is not safe setting, particularly for home PC - there is put a
simple password to root, and often install ssh server, if you have an
external IP and need access from work.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
Don't argue about it. Just make the correction by setting it to "No"
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
I have stated my position repeatedly, in many different places. It's
obvious that you simply disagree so I don't think it's worth me stating
it again. I respect your right to disagree.
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this b
Mathias,
> Could you elaborate how defaulting PermitRootLogin to no would improve the
> default installation?
It does not pass a "makes sense" sensor (at least not mine). It actually
alarmed me a for a minute into thinking there may be a backdoor into my system.
(I double checked /etc/shadow to
On Fri, Jan 22, 2010 at 08:26:58PM -, Lars Noodén wrote:
> "The default Ubuntu Server install does *not* have openssh-server
> installed."
>
> Ok, then that's a separate bug needing a separate bug report.
>
As outlined on the Security Team policies [1]
No Open Ports
Default installation
"The default Ubuntu Server install does *not* have openssh-server
installed."
Ok, then that's a separate bug needing a separate bug report.
Nearly all installations of the openssh-server package, I am guessing
then, are on the Ubuntu Server or an alternate install tuned to be
rather like the Ubun
On Fri, Jan 22, 2010 at 12:54:29PM -, Lars Noodén wrote:
>
> Most sub-distros do not have openssh-server by default, so this bug does
> not affect them, only AFAIK the Ubuntu server.
>
The default Ubuntu Server install does *not* have openssh-server
installed.
--
Mathias Gug
Ubuntu Develop
Jamie, the various backup strategies that I have seen are all suited to
using sudo. They all run a program or script which receives some
arguments at run time. That includes rsync over ssh. Could you please
be specific about which backup strategy is not able to work with sudo?
Kees, yes, I see
If upstream are so convinced that this is a bad idea, then I doubt they
would have made PermitRootLogin default to yes! I do not intend to
deviate from upstream in the Debian or Ubuntu packaging on this matter.
If you want this changed, convince upstream.
We wrote down our thoughts on this in ope
"authoritative resources"? I'm inferring that you think my use of a
simple diagram tool to help illustrate this bug is somehow
inappropriate? And yes, I know what layered security is. :)
Please understand that the PermitRootLogin config default is not a new
issue. I'm trying to make sure every
"What use-case is there for remote root login that cannot already be met
by a tuned sudoers?"
The first that comes to mind are various backup strategies. Of course,
best practice would indicate to use ForceCommand in this situation.
Another option would be to use 'forced-commands-only' instead of
Thank you for the cheezburger link, Kees. From it, I am starting to
understand more about how decisions are made in the Ubuntu project and
the authoritative resources drawn upon to help make informed decisions.
Anyhow, those that somehow get the impression that they want to log in
as root can alwa
** Attachment added: "Diagram"
http://launchpadlibrarian.net/38195645/129085743814232954.png
** Changed in: openssh (Ubuntu)
Status: Incomplete => Confirmed
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification be
The issue is a trade-off between three classes of people, I think:
- People that have systems where root can SSH in (which consists of):
- Those that want to SSH in as root
- Those that are surprised they can SSH in as root
- Those that don't care
http://cheezburger.com/View.aspx?aid=309419
Hmm. Wishlist is not the right category for a bug.
Mathias, defaulting PermitRootLogin to "no" improves the layered process
of 'security' for the default installation by adding another layer of
protection and not relying on the hope that the root account will always
remain disabled. Correcting t
18 matches
Mail list logo
