On Sat, Jan 31, 2015 at 09:21:45PM -0500, Richard Ryniker wrote: > Recapitiulation: > > A security problem was recognized because the ssh daemon is enabled by > default on Fedora systems: with a weak root password, a remote attacker > might easily obtain unlimited access. > > The direct solution would seem to be a change to the ssh daemon to > prohibit root login in its default configuration, but allow > post-installation change to sshd to permit this where it is desirable. Coming from a FreeBSD background, where that is the default, that makes more sense to me, admittedly, just one person's opinion. It's actually more likely to stop this theoretical newcomer from leaving their system open. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test