ssh X forwarding change in FC3
David Hollis
dhollis at davehollis.com
Thu Jan 6 20:40:33 UTC 2005
On Thu, 2005-01-06 at 21:04 +0100, Alexander Dalloz wrote:
>
> No, that would be silly. Reverting a security improvement just because
> users do not RTFM?
>
> As commented too in the bugzilla entry the change is made long ago in
> the upstream OpenSSH. See the FAQ
>
> http://www.openssh.org/faq.html#3.12
> http://www.openssh.org/faq.html#3.123
>
> > Pádraig Brady - http://www.pixelbeat.org
>
> Use OpenSSH properly and as documented and all is well.
>
I would like to see PermitRootLogin=no in the sshd_config file by
default. If I'm not mistaken, that is the default for openssh out of
the box, but the installed config (indicates anyway) that
PermitRootLogin=yes. With things like the SSH password guessing worm
running around, not allowing bad things to get in just because someones
root password is weak is not a good thing.
--
David Hollis <dhollis at davehollis.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20050106/325294f3/attachment.sig>
More information about the fedora-devel-list
mailing list