Re: Announce: OpenSSH 6.9 released

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> Future Deprecation Notice
> =========================
> 
> The 7.0 release of OpenSSH, due for release in late July, will
> deprecate several features, some of which may affect compatibility
> or existing configurations. The intended changes are as follows:
> 
>  * The default for the sshd_config(5) PermitRootLogin option will
>    change from "yes" to "no".
Uh, wouldn't "without-password" be a better alternative than "no"?

Getting the *first* authorized key on would still be "hard" (as in
"ssh user@...", "su"|"sudo", "mkdir -m 0700 .ssh", "cat > .ssh/auth.."),
but at least *further* keys could be done via "ssh-copy-id".


I don't have any statistics handy, but I believe that public-key
root authentication is widely used.
(And sometimes needed - especially when something goes wrong,
needing to authenticate as a normal user is one more thing that
can go wrong - think NIS or LDAP failures, etc.)

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux