File openssh-7.6p1-allow_root_password_login.patch of Package openssh.10835

# HG changeset patch
# Parent  af43d436bc7fe818dd976c923ad99b89051eb299
Allow root login with password by default. While less secure than upstream
default of forbidding access to the root account with a password, we are
temporarily introducing this change to keep the default used in older OpenSSH
versions shipped with SLE.

Index: openssh-7.6p1/servconf.c
===================================================================
--- openssh-7.6p1.orig/servconf.c	2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/servconf.c	2019-03-12 14:34:04.251412499 +0100
@@ -223,7 +223,7 @@ fill_default_server_options(ServerOption
 	if (options->login_grace_time == -1)
 		options->login_grace_time = 120;
 	if (options->permit_root_login == PERMIT_NOT_SET)
-		options->permit_root_login = PERMIT_NO_PASSWD;
+		options->permit_root_login = PERMIT_YES;
 	if (options->ignore_rhosts == -1)
 		options->ignore_rhosts = 1;
 	if (options->ignore_user_known_hosts == -1)
Index: openssh-7.6p1/sshd_config
===================================================================
--- openssh-7.6p1.orig/sshd_config	2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config	2019-03-12 14:34:04.255412520 +0100
@@ -30,7 +30,7 @@
 # Authentication:
 
 #LoginGraceTime 2m
-#PermitRootLogin prohibit-password
+#PermitRootLogin yes
 #StrictModes yes
 #MaxAuthTries 6
 #MaxSessions 10
Index: openssh-7.6p1/sshd_config.0
===================================================================
--- openssh-7.6p1.orig/sshd_config.0	2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config.0	2019-03-12 14:34:04.255412520 +0100
@@ -701,7 +701,7 @@ DESCRIPTION
      PermitRootLogin
              Specifies whether root can log in using ssh(1).  The argument
              must be yes, prohibit-password, without-password,
-             forced-commands-only, or no.  The default is prohibit-password.
+             forced-commands-only, or no.  The default is yes.
 
              If this option is set to prohibit-password or without-password,
              password and keyboard-interactive authentication are disabled for
Index: openssh-7.6p1/sshd_config.5
===================================================================
--- openssh-7.6p1.orig/sshd_config.5	2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config.5	2019-03-12 14:34:04.255412520 +0100
@@ -1193,7 +1193,7 @@ The argument must be
 or
 .Cm no .
 The default is
-.Cm prohibit-password .
+.Cm yes .
 .Pp
 If this option is set to
 .Cm prohibit-password