Change "PermitRootLogin without-password" to the new preferred spelling of "PermitRootLogin prohibit-password" in sshd_config, and update documentation to reflect the new upstream default.

author: Colin Watson <cjwatson@debian.org> 2015-11-29 17:34:13 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-11-29 17:34:13 +0000
commit: 18a9bd1867ee6fb9d913515773b322a279759b5d (patch)
tree: 84039e754648d919d08108dcbc24b92f90d7c758 /debian/README.Debian
parent: 0b372585c0026f78676f1414510ec9f87a383803 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/debian/README.Debian b/debian/README.Debian
index dee9ddb21..9d029585c 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -19,7 +19,8 @@ PermitRootLogin
 ---------------
 As of 1:6.6p1-1, new installations will be set to "PermitRootLogin
-without-password".  This disables password authentication for root, foiling
+without-password" (or the synonymous "PermitRootLogin prohibit-password" as
+of 1:7.0p1-1).  This disables password authentication for root, foiling
 password dictionary attacks on the root user.  Some sites may wish to use
 the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no",
 but note that "PermitRootLogin no" will break setups that SSH to root with a
@@ -34,7 +35,7 @@ ssh restart" as root.
 Disabling PermitRootLogin means that an attacker possessing credentials for
 the root account (any credentials in the case of "yes", or private key
-material in the case of "without-password") must compromise a normal user
+material in the case of "prohibit-password") must compromise a normal user
 account rather than being able to SSH directly to root.  Be careful to avoid
 a false illusion of security if you change this setting; any account you
 escalate to root from should be considered equivalent to root for the
@@ -44,7 +45,9 @@ it if you know you will only ever log in as root from the physical console.
 Since the root account does not generally have non-password credentials
 unless you explicitly install an SSH public key in its
 ~/.ssh/authorized_keys, which you presumably only do if you want to SSH to
-it, "without-password" should be a reasonable default for most sites.
+it, "prohibit-password" should be a reasonable default for most sites.
+As of OpenSSH 7.0, this is the upstream default.
 For further discussion, see:
author	Colin Watson <cjwatson@debian.org>	2015-11-29 17:34:13 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-11-29 17:34:13 +0000
commit	18a9bd1867ee6fb9d913515773b322a279759b5d (patch)
tree	84039e754648d919d08108dcbc24b92f90d7c758 /debian/README.Debian
parent	0b372585c0026f78676f1414510ec9f87a383803 (diff)

diff --git a/debian/README.Debian b/debian/README.Debian index dee9ddb21..9d029585c 100644 --- a/debian/README.Debian +++ b/debian/README.Debian
@@ -19,7 +19,8 @@ PermitRootLogin
19	---------------	19	---------------
20		20
21	As of 1:6.6p1-1, new installations will be set to "PermitRootLogin	21	As of 1:6.6p1-1, new installations will be set to "PermitRootLogin
22	without-password". This disables password authentication for root, foiling	22	without-password" (or the synonymous "PermitRootLogin prohibit-password" as
		23	of 1:7.0p1-1). This disables password authentication for root, foiling
23	password dictionary attacks on the root user. Some sites may wish to use	24	password dictionary attacks on the root user. Some sites may wish to use
24	the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no",	25	the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no",
25	but note that "PermitRootLogin no" will break setups that SSH to root with a	26	but note that "PermitRootLogin no" will break setups that SSH to root with a
@@ -34,7 +35,7 @@ ssh restart" as root.
34		35
35	Disabling PermitRootLogin means that an attacker possessing credentials for	36	Disabling PermitRootLogin means that an attacker possessing credentials for
36	the root account (any credentials in the case of "yes", or private key	37	the root account (any credentials in the case of "yes", or private key
37	material in the case of "without-password") must compromise a normal user	38	material in the case of "prohibit-password") must compromise a normal user
38	account rather than being able to SSH directly to root. Be careful to avoid	39	account rather than being able to SSH directly to root. Be careful to avoid
39	a false illusion of security if you change this setting; any account you	40	a false illusion of security if you change this setting; any account you
40	escalate to root from should be considered equivalent to root for the	41	escalate to root from should be considered equivalent to root for the
@@ -44,7 +45,9 @@ it if you know you will only ever log in as root from the physical console.
44	Since the root account does not generally have non-password credentials	45	Since the root account does not generally have non-password credentials
45	unless you explicitly install an SSH public key in its	46	unless you explicitly install an SSH public key in its
46	~/.ssh/authorized_keys, which you presumably only do if you want to SSH to	47	~/.ssh/authorized_keys, which you presumably only do if you want to SSH to
47	it, "without-password" should be a reasonable default for most sites.	48	it, "prohibit-password" should be a reasonable default for most sites.
		49
		50	As of OpenSSH 7.0, this is the upstream default.
48		51
49	For further discussion, see:	52	For further discussion, see:
50		53