File openssh-7.6p1-allow_root_password_login.patch of Package openssh.21986
# HG changeset patch
# Parent af43d436bc7fe818dd976c923ad99b89051eb299
Allow root login with password by default. While less secure than upstream
default of forbidding access to the root account with a password, we are
temporarily introducing this change to keep the default used in older OpenSSH
versions shipped with SLE.
Index: openssh-7.6p1/servconf.c
===================================================================
--- openssh-7.6p1.orig/servconf.c 2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/servconf.c 2019-03-12 14:34:04.251412499 +0100
@@ -223,7 +223,7 @@ fill_default_server_options(ServerOption
if (options->login_grace_time == -1)
options->login_grace_time = 120;
if (options->permit_root_login == PERMIT_NOT_SET)
- options->permit_root_login = PERMIT_NO_PASSWD;
+ options->permit_root_login = PERMIT_YES;
if (options->ignore_rhosts == -1)
options->ignore_rhosts = 1;
if (options->ignore_user_known_hosts == -1)
Index: openssh-7.6p1/sshd_config
===================================================================
--- openssh-7.6p1.orig/sshd_config 2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config 2019-03-12 14:34:04.255412520 +0100
@@ -30,7 +30,7 @@
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
+#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
Index: openssh-7.6p1/sshd_config.0
===================================================================
--- openssh-7.6p1.orig/sshd_config.0 2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config.0 2019-03-12 14:34:04.255412520 +0100
@@ -701,7 +701,7 @@ DESCRIPTION
PermitRootLogin
Specifies whether root can log in using ssh(1). The argument
must be yes, prohibit-password, without-password,
- forced-commands-only, or no. The default is prohibit-password.
+ forced-commands-only, or no. The default is yes.
If this option is set to prohibit-password or without-password,
password and keyboard-interactive authentication are disabled for
Index: openssh-7.6p1/sshd_config.5
===================================================================
--- openssh-7.6p1.orig/sshd_config.5 2019-03-12 14:34:01.287395987 +0100
+++ openssh-7.6p1/sshd_config.5 2019-03-12 14:34:04.255412520 +0100
@@ -1193,7 +1193,7 @@ The argument must be
or
.Cm no .
The default is
-.Cm prohibit-password .
+.Cm yes .
.Pp
If this option is set to
.Cm prohibit-password