On Tue, 30 Jun 2015, Damien Miller wrote: > * The default for the sshd_config(5) PermitRootLogin option will > change from "yes" to "no". At the risk of re-opening an old bike-shedding debate: why not change the default to "without-password" or to "forced-commands-only"? With PermitRootLogin=no, users will change to "yes" as soon as they notice that root cannot login any more. Changing the default to the other options would promote these and users might be inclined to adopt these and also make use of PubkeyAuthentication instead of passwords. My 2 cents, Christian. -- BOFH excuse #176: vapors from evaporating sticky-note adhesives _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev