Re: Abotu setting 'PermitRootLogin=no' in sshd_config

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 22 Nov 2014 08:24:32 +0000 (UTC)
P J P <pj.pandit@xxxxxxxxxxx> wrote:

> > On Saturday, 22 November 2014 1:39 AM, Richard W.M. Jones wrote:
> >> On Fri, Nov 21, 2014 at 09:11:51AM +0100, Florian Weimer wrote:
> >> The latter.  We have to install authorized_keys inside the VM
> >> anyway, so we can touch sshd_config, too.
> > 
> > Virt-builder has a new '--ssh-inject' feature (in F22 only).
> > 
> >   $ virt-builder fedora-20 --ssh-inject root
> > 
> > would inject your current ssh key into the root account of the new
> > VM. There are other variations, including ways to create a non-root
> > user account, see:
> > 
> > http://libguestfs.org/virt-builder.1.html
> 
> >
> 
>   Excellent! :)
> 
> 
> So far the consensus seem that it is okay to reverse the current
> default and set PermitRootLogin=no. I'll talk to the upstream
> maintainer - plautrba(https://fedoraproject.org/wiki/User:Plautrba).
> 
> Thank you.

We can install machine w/o user accounts, removing the ability to log
in as root via ssh means those machines will not be accessible.

If you want to remove root access that should be conditionally done at
firstboot only if a user account was created.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux