On 8/19/06, Matthew Miller <mattdm@xxxxxxxxxx> wrote:
On Sat, Aug 19, 2006 at 09:23:19PM -0500, Josh Boyer wrote: > > > Possibly. Perhaps the default config should be > > > "PermitRootLogin=without-password", which would allow logins via > > > public key but not using password authentication. > > +1 > +2 There are no currently-open bugs on this (unless I overlooked one), but there's several closed-wontfix ones, starting with bug #22930 (against Red Hat Linux 7.1) and then #89216 (alias DisallowRoot) up through the other week's logwatch suggestion. I'm inclined to reopen #89216 with this suggestion, since it has the fancy alias and since it's filed against devel already. Yeah?
I second that, however I would suggest going further and having somethign denyhosts like in place or are we going with the assumption that anyone owning a FC installation will be setting a good password, or a weak password with the knowledge that SSHd is running? -- To be updated... -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
