On Wed, Jun 26, 2002 at 02:11:00PM +0200, InfoEmergencias - Luis Gómez wrote: > Hi all > > Messing up with sshd_config for all the privsep stuff, I've noticed that > PermitRootLogin was set to yes in my three woody boxes. I usually > consider this a problem (although it has been my fault - i should have > checked and noticed this much time ago). What do you think of this? > > IMHO, we'd better set it to no. I always thought it was much better. Is > there any landscape in which you may want to allow direct root login to > your host?
Not IMO. I thank my lucky stars every day that it was decided to allow root logins by default. I have 194 Debian boxes to look after. I have ssh identity keys setup. I can't go login to every box individually and run sudo or su every time I want to change something. I need to automate it, and I need to touch them all at once. If it did default to off then I would have to carefully change that every single time I upgrade ssh packages, or roll my own ssh packages. Allowing root logins is such a huge convenience when you have many machines that its really a must. And when you only have a few machines its easy enough to go to each one and disable it. -- -tcole -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]