Your message dated Sat, 5 Mar 2005 01:41:21 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#298138: ssh: PermitRootLogin should defaul to "no"
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 4 Mar 2005 23:19:01 +0000
>From [EMAIL PROTECTED] Fri Mar 04 15:19:01 2005
Return-path: <[EMAIL PROTECTED]>
Received: from warp.os9.nl [145.99.250.222]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D7M4T-0006H0-00; Fri, 04 Mar 2005 15:19:01 -0800
Received: by warp.os9.nl (Postfix, from userid 1001)
id 0CDCBE6AF5; Sat, 5 Mar 2005 00:18:59 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Thijs Kinkhorst <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: ssh: PermitRootLogin should defaul to "no"
X-Mailer: reportbug 3.8
Date: Sat, 05 Mar 2005 00:18:59 +0100
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: wishlist
Hello,
On a recent new install, I noticed that sshd had the PermitRootLogin
option set to Yes by default. From a security standpoint, being secure by
default, it would be better to default this option to No.
Regards,
Thijs Kinkhorst
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages ssh depends on:
ii adduser 3.59 Add and remove users and groups
ii debconf 1.4.30.11 Debian configuration management sy
ii dpkg 1.10.27 Package maintenance system for Deb
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-2 SSL shared libraries
ii libwrap0 7.6.dbs-6 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-3 compression library - runtime
-- debconf information excluded
---------------------------------------
Received: (at 298138-done) by bugs.debian.org; 5 Mar 2005 01:41:26 +0000
>From [EMAIL PROTECTED] Fri Mar 04 17:41:26 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ppsw-3.csi.cam.ac.uk [131.111.8.133]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D7OIH-0004qA-00; Fri, 04 Mar 2005 17:41:26 -0800
Received: from rapun.sel.cam.ac.uk ([131.111.232.108]:1647)
by ppsw-3.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.133]:25)
with esmtp id 1D7OIF-0001Z8-9t (Exim 4.44)
(return-path <[EMAIL PROTECTED]>); Sat, 05 Mar 2005 01:41:23 +0000
Received: from matthew by rapun.sel.cam.ac.uk with local (Exim 3.35 #1 (Debian))
id 1D7OID-0002Hj-00; Sat, 05 Mar 2005 01:41:21 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 5 Mar 2005 01:41:21 +0000
From: Matthew Vernon <[EMAIL PROTECTED]>
To: Thijs Kinkhorst <[EMAIL PROTECTED]>,
[EMAIL PROTECTED]
Cc: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: Bug#298138: ssh: PermitRootLogin should defaul to "no"
In-Reply-To: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
X-Mailer: VM 7.18 under Emacs 21.2.1
Sender: Matthew Vernon <[EMAIL PROTECTED]>
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
X-Cam-AntiVirus: No virus found
X-Cam-SpamDetails: Not scanned
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_01,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 2
Thijs Kinkhorst writes:
<snip>
Please read README.Debian before submitting your bug reports - this is
good practice for any package, not just ssh.
Matthew
--
Rapun.sel - outermost outpost of the Pick Empire
http://www.pick.ucam.org
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
