Re: PermitRootLogin default (was: "PermitRootLogin no" should not proceed with root login)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Christoph Anton Mitterer <calestyo@xxxxxxxxxxxx> writes:

> On Sat, 2015-02-21 at 23:36 +0000, Philip Hands wrote: 
>> I'm glad to say that the default for the Debian package
> Unfortunately, Debian overdid it quite a lot and also set a number of
> not so smart (respectively security-critical) defaults:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765632
>
> So it's like 1:1 ;-)

Having looked at the bug you mention, I have to agree that the
ForwardX11Trusted seems to have been misguided at the time it was
applied, and now (over a decade later) seems just plain wrong.

I've followed up on the bug to that effect, Cc-ing you, so you should
have seen that.

Cheers, Phil.

P.S. I take it that you were not trying to say that there's anything you
object to about the proposal to use "without-password" as the default?
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/    http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,    GERMANY

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux