Just read the link re: PermitRoot --without-password My comment - typical "developer" string - because many people are looking for passwordless login for root, and from my UNIX background I would take "--without-password" very literally. I suspect what is intended is "--no-password-auth-permitted", meaning some other form of authentication is accepted, e.g., PKI.
Because of the comment in sshd_config I was thinking it was something in the PAM configuration I needed to look at. And, FYI - if you follow the suggestion in the sshd_config (re PAM) no login for anyone (using passwords at least) is permitted. Thank you for the link - I shall copy my keys in (later) and report back. And secondly, for the link - for the changes history! Excellent! Michael On Sat, May 2, 2015 at 6:19 PM, Michael Felt <aixto...@gmail.com> wrote: > Maybe - last time I tried - I mistyped the login - because login from > console is working for both - thanks for the reply. > > re: root login on sshd - guess I need to read more carefully. I know about > the cipher changes starting with OpenSSH 6.7, but had not yet stumbled on > anything extra blocking root login. > > My apologies for a false statement! Must test again and again (so I will > have to reload ubuntu, opensles and fedora to see which ones of those > refuse root login at console. If both are blocked (with the newer openssh) > may make some maintenance work difficult. > > Further - any interest in a different (in what way please) story on > installing debian on PowerVM enabled systems? > > On Sat, May 2, 2015 at 2:16 PM, Ben Hutchings <b...@decadent.org.uk> wrote: > >> On Sat, 2015-05-02 at 11:15 +0200, Michael Felt wrote: >> [...] >> >> > BTW: I notice a slight difference in how 'login as root' works between >> > wheezy and jessie. On both systems I have enabled 'root login' for my >> > initial tests. With wheezy I cannot login as root on the console, but >> > can login using ssh. On Jessie this is the reverse. I assume this is >> > deliberate. >> [...] >> >> The ssh part: yes, and that's documented in the release notes: >> < >> https://www.debian.org/releases/jessie/powerpc/release-notes/ch-information.en.html#openssh >> >. >> >> The console part: I don't think so; this is probably a bug in wheezy. >> The last time I had that sort of problem, it was due to an omission from >> the file /etc/securetty (list of devices that root may log in through). >> But in wheezy that file does include hvc0. >> >> Ben. >> >> -- >> Ben Hutchings >> Q. Which is the greater problem in the world today, ignorance or apathy? >> A. I don't know and I couldn't care less. >> > >
