bugzilla-daemon at mindrot.org
2015-Feb-20 01:18 UTC
[Bug 2354] New: please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 Bug ID: 2354 Summary: please document that PermitRootLogin really checks for uid=0 Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at mindrot.org Reporter: calestyo at scientia.net Hey. I just found out that PermitRootLogin has the feature of really checking for UID=0 and not for the username "root" I.e. it makes sense to have something like: Match user toor PermitRootLogin no Which would allow "root=0" to log in, but not e.g. the "toor=0" user to log in, if it is an alternative root user. :) nice feature! (bad name, though ^^) Cheers, Chris. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-20 22:42 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Resolution|--- |WORKSFORME Status|NEW |RESOLVED --- Comment #1 from Damien Miller <djm at mindrot.org> --- I don't think this needs adjusting. Root in Unix is defined by UID and not username. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-21 00:09 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #2 from Christoph Anton Mitterer <calestyo at scientia.net> --- Is adding a one liner to the manpage really that issue? ;-) Well I just thought that it might be handy to people... and especially for the BSD guys,.. or didn't they have the tradition of having a "toor" user which is root as well but not called root? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-21 04:18 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #3 from Christoph Anton Mitterer <calestyo at scientia.net> --- Created attachment 2553 --> https://bugzilla.mindrot.org/attachment.cgi?id=2553&action=edit 0001-document-that-PermitRootLogin-checks-for-uid-0.patch -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2015-Feb-21 04:18 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #4 from Christoph Anton Mitterer <calestyo at scientia.net> --- forgot to attach the trivial patch I've had made, just in case you change your mind! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #5 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 01:22 UTC
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #6 from Christoph Anton Mitterer <calestyo at scientia.net> --- Shouldn't this be rather marked CLOSED WONTFIX? I mean it's still not documented as I proposed, so that would be the more appropriate status? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
Maybe Matching Threads
- [Bug 2287] New: AuthorizedKeysCommandUser should have it's default documented
- PermitRootLogin default (was: "PermitRootLogin no" should not proceed with root login)
- [Bug 2310] New: functionality to start process before ssh and/or to "wrap" such command around ssh
- [Bug 2573] New: dead sessions cannot be closed with ~.
- [Bug 1663] sshd_config: AuthorizedKeysCommand