Bug 1425285 - sshd_config PermitRootLogin yes enabled by default
Summary: sshd_config PermitRootLogin yes enabled by default
Status: CLOSED DUPLICATE of bug 89216
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 25
Hardware: x86_64
OS: Linux
Target Milestone: ---
Assignee: Jakub Jelen
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2017-02-21 05:29 UTC by bugazi
Modified: 2017-02-21 08:32 UTC (History)
6 users (show)

Clone Of:
Last Closed: 2017-02-21 08:32:40 UTC

Attachments (Terms of Use)

Description bugazi 2017-02-21 05:29:40 UTC
Description of problem: Post clean install of Fedora 25 via live USB, /etc/ssh/sshd_config file contains the following line (uncommented)

PermitRootLogin yes

Version-Release number of selected component (if applicable): OpenSSH 7.3pl
OpenSSL 1.0.2j-fips

How reproducible: I have reformatted/reinstalled thrice with same results

Steps to Reproduce:
1. Boot via live USB
2. Install to hard drive (automatic partitioning)
3. Reboot, sudo vi /etc/ssh/sshd_config

Actual results: line 46 of file is: PermitRootLogin yes

Expected results: PermitRootLogin no

Additional info: I verified SHA256 post ISO download successfully

Comment 1 Jakub Jelen 2017-02-21 08:32:40 UTC
TL:DR; Not a bug. It is intentional.

Related bug from 2003:


Related Fedora Change draft, that was never completed:


There are various pros of this setup, but cons are still automated setups without any other user created, which will cut users off. Also not all use cases require different users, but a root (IPA, testing, local network, ...). Interesting thread to read, which demonstrates why is that so:


This is still more for discussion on mailing list, with FESCO or Fedora Security Team if we would like to change that.

*** This bug has been marked as a duplicate of bug 89216 ***

Note You need to log in before you can comment on or make changes to this bug.