El 2014-11-21 08:49, Christian Rose escribió:
2014-11-21 8:11 GMT+01:00 P J P <pj.pandit@xxxxxxxxxxx>:
Sshd(8) daemon by default allows remote users to login as root.
1. Is that really necessary?
2. Lot of users use their systems as root, without even creating
a non-root user.
Such practices need to be discouraged, not allowing remote
root login could be
useful in that.
Does it make sense to disable remote root login by default? If so,
do we need to just report it to the maintainer or it would be
treated as a feature?
IIRC, the main reason for PermitRootLogin being enabled by default was
to prevent a remote server from becoming inaccessible in cases such as
a network mounted /home suddenly becoming unavailable.
Also, the creation of a user is not enforced at installation, so you'll
need to login as root in those cases
--
Juan Orti
https://miceliux.com
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
