On Tue, Jul 28, 2015 at 07:37:45PM -0700, Gordon Messmer wrote: > On 07/28/2015 04:29 PM, Warren Young wrote: > >They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the previous low-hanging fruit. Do you think those were bad decisions, too? > > As far as I know, PermitRootLogin has not been set to "no" by > default. At least, I've never seen that on a system I've installed. > Am I missing something? RHEL (and Fedora) unlike FreeBSD and a few other systems, has PermitRootLogin set to yes by default. On a minimal install, (I don't know about workstation) I've always found sshd to be enabled by default. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6