| 1 |
On Mon, Nov 9, 2015 at 8:38 PM, Michael Orlitzky <mjo@g.o> wrote: |
| 2 |
> A major upgrade to OpenSSH is being stabilized: |
| 3 |
> |
| 4 |
> https://bugs.gentoo.org/show_bug.cgi?id=555518 |
| 5 |
> |
| 6 |
> The default of PermitRootLogin for sshd in the new version is |
| 7 |
> "prohibit-password". If you typically log in to the root account over |
| 8 |
> SSH using a password, **IT'S GONNA BREAK**, and you won't be able to fix |
| 9 |
> it remotely unless you have an account that can sudo to root. |
| 10 |
> |
| 11 |
> To maintain the current behavior, set PermitRootLogin to "yes" before |
| 12 |
> you upgrade, and then be careful not to wipe out sshd_config. |
| 13 |
> |
| 14 |
|
| 15 |
Another issue is this news item that is now old but suddenly relevant: |
| 16 |
https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html |
| 17 |
|
| 18 |
We should probably rethink how we handle news items like this. |
| 19 |
|
| 20 |
-- |
| 21 |
Rich |
Archives