1 |
On Mon, Nov 9, 2015 at 8:38 PM, Michael Orlitzky <mjo@g.o> wrote: |
2 |
> A major upgrade to OpenSSH is being stabilized: |
3 |
> |
4 |
> https://bugs.gentoo.org/show_bug.cgi?id=555518 |
5 |
> |
6 |
> The default of PermitRootLogin for sshd in the new version is |
7 |
> "prohibit-password". If you typically log in to the root account over |
8 |
> SSH using a password, **IT'S GONNA BREAK**, and you won't be able to fix |
9 |
> it remotely unless you have an account that can sudo to root. |
10 |
> |
11 |
> To maintain the current behavior, set PermitRootLogin to "yes" before |
12 |
> you upgrade, and then be careful not to wipe out sshd_config. |
13 |
> |
14 |
|
15 |
Another issue is this news item that is now old but suddenly relevant: |
16 |
https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html |
17 |
|
18 |
We should probably rethink how we handle news items like this. |
19 |
|
20 |
-- |
21 |
Rich |