[Bug 267170] security/openssh-portable : PermitRootLogin is set by default to "without-password" instead of "no"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 18 Oct 2022 11:31:23 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267170 Bug ID: 267170 Summary: security/openssh-portable : PermitRootLogin is set by default to "without-password" instead of "no" Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: bdrewery@FreeBSD.org Reporter: simplerezo@gmail.com Flags: maintainer-feedback?(bdrewery@FreeBSD.org) Assignee: bdrewery@FreeBSD.org According to pkg-message: "'PermitRootLogin no' is the default for the OpenSSH port. This now matches the PermitRootLogin configuration of OpenSSH in the base system. Please be aware of this when upgrading your OpenSSH port, and if truly necessary, re-enable remote root login by readjusting this option in your sshd_config." Its wrong: by default PermitRootLogin is set to "prohibit-password" ("without-password" synonym), since... 2015. # pkg install openssh-portable [...] # /usr/local/sbin/sshd -T | grep -i root permitrootlogin without-password chrootdirectory none IMHO, to keep ports/base consistent, sshd_config should be patched to set PermitRootLogin to "no", and a notice in UPDATING added. -- You are receiving this mail because: You are the assignee for the bug.