Fix out-of-sync defaults. PermitRootLogin is supposed to be 'no' but

sshd's internal default was 'yes'. (if some cracker managed to trash /etc/ssh/sshd_config, then root logins could be reactivated) Approved by: kris
svn path=/head/; revision=62942
2025-01-02 12:20:51 +00:00 · 2000-07-11 09:50:15 +00:00 · 2000-07-11 09:50:15 +00:00 · e213d985b2 · 2020-12-20 02:59:44 +00:00
commit e213d985b2
parent 4c8545c13d
2 changed files with 2 additions and 2 deletions
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@ -103,7 +103,7 @@ fill_default_server_options(ServerOptions *options)
 	if (options->key_regeneration_time == -1)
 		options->key_regeneration_time = 3600;
 	if (options->permit_root_login == -1)
-		options->permit_root_login = 1;			/* yes */
+		options->permit_root_login = 0;			/* no */
 	if (options->ignore_rhosts == -1)
 		options->ignore_rhosts = 1;
 	if (options->ignore_user_known_hosts == -1)
--- a/crypto/openssh/sshd.8
+++ b/crypto/openssh/sshd.8
@ -480,7 +480,7 @@ The argument must be
 or
 .Dq no .
 The default is
-.Dq yes .
+.Dq no .
 If this options is set to
 .Dq without-password
 only password authentication is disabled for root.