On Mon, Apr 15, 2019 at 6:20 AM Jakub Jelen jjelen@redhat.com wrote:
Hello, I see more viable to resurrect a bug #89216 [1] and change a default configuration (not only in fedora server) to
PermitRootLogin no
or at least prohibit-password. It can at least nudge for using better workflows using sudo.
Oh man... I just now realized that this is not the default. I somehow forgot I set this to no on all my machines. And I just did a Fedora 30 Server install and "yes" is the default.
Do I understand this correctly, that Fedora is setting this contrary to upstream for 4 years now? https://github.com/openssh/openssh-portable/commit/88a7c598a94ff53f76df228ee...