Package: openssh-server Version: 1:7.1p1-5 Severity: important Dear Maintainer,
Using ssh/SSAPI auth should work even if root login with password are disabled, however, it looks like the new 7.0 setting of "without-password" and prohibit-password inadvertently prevent GSSAPI auth to root, too. Please see http://lists.mindrot.org/pipermail/openssh-bugs/2015-September/015366.html for more details. Cheers, Juha -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssh-server depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.58 ii dpkg 1.18.3 ii init-system-helpers 1.24 ii libaudit1 1:2.4.4-4 ii libc6 2.21-4 ii libcomerr2 1.42.13-1 ii libgssapi-krb5-2 1.13.2+dfsg-4 ii libkrb5-3 1.13.2+dfsg-4 ii libpam-modules 1.1.8-3.1 ii libpam-runtime 1.1.8-3.1 ii libpam0g 1.1.8-3.1 ii libselinux1 2.4-3 ii libssl1.0.2 1.0.2e-1 ii libsystemd0 228-2 ii libwrap0 7.6.q-25 ii lsb-base 9.20150917 ii openssh-client 1:7.1p1-5 ii openssh-sftp-server 1:7.1p1-5 ii procps 2:3.3.10-4+b1 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages openssh-server recommends: ii ncurses-term 6.0+20151024-2 ii xauth 1:1.0.9-1 Versions of packages openssh-server suggests: ii ksshaskpass [ssh-askpass] 4:5.4.3-1 ii kwalletcli [ssh-askpass] 2.12-5 pn molly-guard <none> pn monkeysphere <none> pn rssh <none> pn ufw <none> -- debconf information excluded
