ssh X forwarding change in FC3

David Hollis dhollis at davehollis.com
Thu Jan 6 20:40:33 UTC 2005


On Thu, 2005-01-06 at 21:04 +0100, Alexander Dalloz wrote:

> 
> No, that would be silly. Reverting a security improvement just because
> users do not RTFM?
> 
> As commented too in the bugzilla entry the change is made long ago in
> the upstream OpenSSH. See the FAQ
> 
> http://www.openssh.org/faq.html#3.12
> http://www.openssh.org/faq.html#3.123
> 
> > Pádraig Brady - http://www.pixelbeat.org
> 
> Use OpenSSH properly and as documented and all is well.
> 

I would like to see PermitRootLogin=no in the sshd_config file by
default.  If I'm not mistaken, that is the default for openssh out of
the box, but the installed config (indicates anyway) that
PermitRootLogin=yes.  With things like the SSH password guessing worm
running around, not allowing bad things to get in just because someones
root password is weak is not a good thing.


-- 
David Hollis <dhollis at davehollis.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20050106/325294f3/attachment.sig>


More information about the fedora-devel-list mailing list