Bug 1173067 – AUDIT-FIND: openssh: change PermitRootLogin config option away from "yes"

Bug 1173067 - AUDIT-FIND: openssh: change PermitRootLogin config option away from "yes"


Summary:	AUDIT-FIND: openssh: change PermitRootLogin config option away from "yes"

Status:	NEW

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Audits
Version:	unspecified
Hardware:	Other All

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assigned To:	Hans Petter Jansson
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2020-06-17 11:34 UTC by Johannes Segitz
Modified:	2021-02-18 15:29 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2020-06-17 11:34:10 UTC

While reviewing the new Leap 15.2 I noticed that we have 
PermitRootLogin yes
in the sshd_config because of 
openssh-7.7p1-allow_root_password_login.patch

I don't think it makes sense to remove this for this Leap update, but we should remove this in Factory so that our next product has a better default security stance (e.g. prohibit-password)

Comment 1 Johannes Segitz 2020-12-01 09:43:43 UTC

ping. can we please change that in Factory?

Comment 2 Johannes Segitz 2021-02-18 15:29:08 UTC

I submitted the change to Factory