FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 10-03-2012, 04:46 PM
Avi Greenbury
 
Default can't run gnome as root - addition - SOLVED

Patrick Asselman wrote:
> On 2012-10-03 12:24, Phil Dobbin wrote:
> >Tom H wrote:
> >
> >>On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman
> >><iceblink@seti.nl> wrote:
> >>>As far as I'm aware, ssh does (by default) not allow root to
> >>>login anyway,
> >>
> >>"PermitRootLogin yes" is set by default on Debian and Ubuntu.
> >>
> >
> >And on CentOS & Fedora...
>
> I have to say, this amazes me.
>
> In my opinion this should be changed, to protect the innocent
> unknowing Linux users. The expert users who know what they get
> themselves into, can figure out how to re-enable. Default should be
> to not permit it.

The efforts to protect people from themselves is what's lead to root
having no password and therefore being unable to login irrespective of
PermitRootLogin's setup. I think the assumption is that if someone
really does want a working root account, they probably want all of it.

SSH isn't installed by default, too, so there's at least two steps the
'unknowing' Linux users need to make - setting a password for root and
installing an sshd - before they open themselves up to whatever it is
you're concerned about.

> Can anyone tell me why it is enabled by default?
 
Old 10-03-2012, 04:55 PM
Phil Dobbin
 
Default can't run gnome as root - addition - SOLVED

Patrick Asselman wrote:

> On 2012-10-03 12:24, Phil Dobbin wrote:
>> Tom H wrote:
>>
>>> On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl>
>>> wrote:
>>>> As far as I'm aware, ssh does (by default) not allow root to login
>>>> anyway,
>>>
>>> "PermitRootLogin yes" is set by default on Debian and Ubuntu.
>>>
>>
>> And on CentOS & Fedora...
>>
>> Cheers,
>>
>> Phil...
>
> I have to say, this amazes me.
>
> In my opinion this should be changed, to protect the innocent unknowing
> Linux users. The expert users who know what they get themselves into,
> can figure out how to re-enable. Default should be to not permit it. Can
> anyone tell me why it is enabled by default?
>
> Just my opinion....

Well, if you think about it, when you get a new deployment whether
local, remote, physical or virtual, all you get is the root password &
all that's running on the machine is a ssh server generally so you need
to be able to login as root.

There are no 'users', these you have to create. Saying that, if you you
install a desktop environment, you do get the chance to create a user
other than root but it would confuse users to start getting too abstract
about security in the installer. And, besides, Ubuntu defaults to sudo
anyway.

It's possibly a.) a leftover from when Linux was more command line based
than today & b.) generally desktop distros users (Ubuntu, Mint, etc)
are, as a rule behind a NAT (what with the advent of broadband & what
have you) & don't really port forward port 22 or another port to enable
their boxes so it's left as it was originally intended.

To be frank, most desktop distro users run very little risk of being
taken over as a proxy server/open relay if they haven't opened up port
forwarding for ssh. And if they have, they should really know the
consequences of their actions. Ubuntu, in particular, is voluminous in
its documentation on all subjects & its coverage of ssh, I should
imagine, is no different.

Cheers,

Phil...

--
currently (ab)using
CentOS 6.3, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-04-2012, 12:10 AM
Tom H
 
Default can't run gnome as root - addition - SOLVED

On Wed, Oct 3, 2012 at 6:24 AM, Phil Dobbin <bukowskiscat@gmail.com> wrote:
> Tom H wrote:
>> On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl> wrote:
>>>
>>> As far as I'm aware, ssh does (by default) not allow root to login anyway,
>>
>> "PermitRootLogin yes" is set by default on Debian and Ubuntu.
>
> And on CentOS & Fedora...

I only mentioned Debian to imply that Ubuntu was inheriting this from Debian.

You're right; and on Arch, Funtoo, and Gentoo. It makes me think that
it must be an upstream default.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 11:37 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org