[CentOS] Fedora change that will probably affect RHEL
Warren Young
wyml at etr-usa.comWed Jul 29 19:29:54 UTC 2015
- Previous message: [CentOS] Fedora change that will probably affect RHEL
- Next message: [CentOS] Fedora change that will probably affect RHEL
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jul 28, 2015, at 8:37 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 07/28/2015 04:29 PM, Warren Young wrote: >> They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the previous low-hanging fruit. Do you think those were bad decisions, too? > > As far as I know, PermitRootLogin has not been set to "no" by default. My mistake. I grepped sshd_config on a fresh EL7 machine here and saw #PermitRootLogin yes and assumed it meant “no”. It’s just documenting the default. I explicitly set it to “no” on systems I am solely in control of, and I’d prefer that upstream changed that default in the precursor(s) to CentOS 8, too. EL7 ships ready to use sudo out-of-the-box, if you tick the “administrative user” checkbox on the non-root user during install. That removes the last good reason to allow remote root logins by default.
- Previous message: [CentOS] Fedora change that will probably affect RHEL
- Next message: [CentOS] Fedora change that will probably affect RHEL
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list