| Summary: | security/openssh-portable : PermitRootLogin is set by default to "without-password" instead of "no" | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | SimpleRezo <simplerezo> |
| Component: | Individual Port(s) | Assignee: | Bryan Drewery <bdrewery> |
| Status: | New --- | ||
| Severity: | Affects Many People | CC: | yonas.yanfa |
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(bdrewery) |
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
According to pkg-message: "'PermitRootLogin no' is the default for the OpenSSH port. This now matches the PermitRootLogin configuration of OpenSSH in the base system. Please be aware of this when upgrading your OpenSSH port, and if truly necessary, re-enable remote root login by readjusting this option in your sshd_config." Its wrong: by default PermitRootLogin is set to "prohibit-password" ("without-password" synonym), since... 2015. # pkg install openssh-portable [...] # /usr/local/sbin/sshd -T | grep -i root permitrootlogin without-password chrootdirectory none IMHO, to keep ports/base consistent, sshd_config should be patched to set PermitRootLogin to "no", and a notice in UPDATING added.