Re: Abotu setting 'PermitRootLogin=no' in sshd_config
[Posted November 26, 2014 by ris]
| From: |
| Matthew Miller <mattdm-AT-fedoraproject.org> |
| To: |
| Development discussions related to Fedora <devel-AT-lists.fedoraproject.org> |
| Subject: |
| Re: Abotu setting 'PermitRootLogin=no' in sshd_config |
| Date: |
| Tue, 25 Nov 2014 15:26:22 -0500 |
| Message-ID: |
| <20141125202622.GA16926@mattdm.org> |
| Archive‑link: | |
Article |
On Tue, Nov 25, 2014 at 09:20:35PM +0100, Petr Lautrbach wrote:
> There are several use cases when local non-root users are not needed at
> all as others already pointed out.
Including in some cases where there should both be no root password
_and_ no local non-system users.
> The change itself is simple however the problem is more complex overall.
> Here are some thoughts I have about the change:
> - administrators are alerted when they use weak password for root by
> anaconda
This has long been the case. However, if it explains _why_, I forget,
for the same reason that this never works. (Yeah yeah whatever, I just
want to install my system now and keep using "godmode" as my root
password just like I always have so I don't forget it.)
[more snipped]
> - default sudoers uses password of an user for authentication, so even
> when I have a non-root user in wheel group, I only need one user's
> password to become root
This is also the case already.
--
Matthew Miller
<mattdm@fedoraproject.org>
Fedora Project Leader
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
