On Sun, 19 Aug 2001, Brian Seklecki wrote:

> In fact, I cast a vote for setting PermitRootLogin to FALSE in the
> default sshd_config.
>
> Anyone else?

I would agree, since we also default to having root in the wheel group
in /etc/group. (This disallows su to root for anybody not in the wheel
group.)

The two consistent options are:

    1. ssh PermitRootLogin = false, root in wheel group

    2. ssh PermitRootLogin = true, empty wheel group

The way we have it set up now is inconsistent.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   917 532 4208   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC