summaryrefslogtreecommitdiff
path: root/debian/README.Debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian/README.Debian')
-rw-r--r--debian/README.Debian9
1 files changed, 6 insertions, 3 deletions
diff --git a/debian/README.Debian b/debian/README.Debian
index dee9ddb21..9d029585c 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -19,7 +19,8 @@ PermitRootLogin
19--------------- 19---------------
20 20
21As of 1:6.6p1-1, new installations will be set to "PermitRootLogin 21As of 1:6.6p1-1, new installations will be set to "PermitRootLogin
22without-password". This disables password authentication for root, foiling 22without-password" (or the synonymous "PermitRootLogin prohibit-password" as
23of 1:7.0p1-1). This disables password authentication for root, foiling
23password dictionary attacks on the root user. Some sites may wish to use 24password dictionary attacks on the root user. Some sites may wish to use
24the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no", 25the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no",
25but note that "PermitRootLogin no" will break setups that SSH to root with a 26but note that "PermitRootLogin no" will break setups that SSH to root with a
@@ -34,7 +35,7 @@ ssh restart" as root.
34 35
35Disabling PermitRootLogin means that an attacker possessing credentials for 36Disabling PermitRootLogin means that an attacker possessing credentials for
36the root account (any credentials in the case of "yes", or private key 37the root account (any credentials in the case of "yes", or private key
37material in the case of "without-password") must compromise a normal user 38material in the case of "prohibit-password") must compromise a normal user
38account rather than being able to SSH directly to root. Be careful to avoid 39account rather than being able to SSH directly to root. Be careful to avoid
39a false illusion of security if you change this setting; any account you 40a false illusion of security if you change this setting; any account you
40escalate to root from should be considered equivalent to root for the 41escalate to root from should be considered equivalent to root for the
@@ -44,7 +45,9 @@ it if you know you will only ever log in as root from the physical console.
44Since the root account does not generally have non-password credentials 45Since the root account does not generally have non-password credentials
45unless you explicitly install an SSH public key in its 46unless you explicitly install an SSH public key in its
46~/.ssh/authorized_keys, which you presumably only do if you want to SSH to 47~/.ssh/authorized_keys, which you presumably only do if you want to SSH to
47it, "without-password" should be a reasonable default for most sites. 48it, "prohibit-password" should be a reasonable default for most sites.
49
50As of OpenSSH 7.0, this is the upstream default.
48 51
49For further discussion, see: 52For further discussion, see:
50 53