Hi again! I have a question on the default behaviour of OpenSSH. Please, do not understand that I am complaining on it or trying to change its behaviour in relation with remote root logins allowed by default on OpenSSH (but I certainly believe it would be nice, that is the reason I write this message to the misc@ mailing list). Just want to share my opinion with the members of this mailing list.
First of all, I understand that remote root logins can be easily avoided by setting "PermitRootLogin" to "no" in /etc/ssh/sshd_config. I guess that remote root logins are allowed by default to simplify management of small network appliances that do not have user accounts on them. But these appliances are only a small number of all OpenBSD installations and, even if this number is not so small, a restricted (non-root) account in the group wheel and probably in the group operator too, on these devices is advisable to avoid damaging these appliances by mistake. In my humble opinion, there are three reasons to deny remote root logins by default: 1. Remote root login enabled by default makes the wheel group superfluous (i.e., why are used added to the wheel group when a user not in this group can log in as root, once the root password is known to him, by just typing "ssh [EMAIL PROTECTED]"?) 2. There are a lot of threats against the root account based in brute force attacks. Most of us see logs on this matter in our workstations and servers. Sometimes these threats, done by humans, network scanners or even worms, are successful. It is just a matter of (bad) luck. 3. OpenBSD is "secure by default"; all services should be configured to the most secure defaults. I think that this reason is as good as the previous ones. And not allowing remote root logins by default makes sense to me in relation with this goal. Someone that really wants to allow remote root logins should be able to enable this feature just changing /etc/ssh/sshd_config. But, in my humble opinion, most users do not really want this dangerous feature enabled by default. And, even on small network appliances, an unprivileged account in the wheel group (and even in the operator group) is a good management practice. [please, send copies of replies to this post to me if possible. I will do my best to answer any post, even if not sent to me, but it will be more difficult tracking who sent the message I am replying to.] Cheers, Igor.