All, > Thank you Paul, indeed it helped me, as I too ran into this issue in a > fresh Jessie install. I didn't have to downgrade OpenSSH, however, just > edit PermitRootLogin as you did.
So am I right to conclude that this bug actually concerns the change that changes PermitRootLogin to without-password? I think changing this default makes sense from a security perspective as it provides the best compromise between securing a default install versus the desire to log in as root directly. However, I recognise that there are people that are using password-based root login who may be surprised by this change. The proper solution therefore may be to add a NEWS.Debian entry so everyone is informed about this change, and a release notes item at that. If those are added, this bug could be closed. Colin, what do you think? Cheers, Thijs
signature.asc
Description: This is a digitally signed message part.