Package: ssh Version: 1:4.3p2-7 Severity: wishlist After installing, /etc/ssh/sshd_config is set to allow root logins. On most systems, it doesn't make sense for root to log in directly. That is, a user should log in and use su or sudo. If people really need direct root logins, they should change their settings. IMO the default should be a secure system, and the users must knowingly open holes in it. That is, if they allow root logins, they will probably set a secure root password as well.
Of course this is a matter of taste, which is why I marked it as wishlist. -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-686 Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Versions of packages ssh depends on: ii openssh-client 1:4.3p2-7 Secure shell client, an rlogin/rsh ii openssh-server 1:4.3p2-7 Secure shell server, an rshd repla ssh recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
