This repository has been archived by the owner on Dec 26, 2020. It is now read-only.

PermitRootLogin yes #190

Closed
ikr0m opened this issue Nov 2, 2018 · 6 comments

@ikr0m
Contributor

ikr0m commented Nov 2, 2018

This repository contains the following code in the templates/opensshd.conf.j2 file:

# Either disable or only allow ssh root login via certificates.
PermitRootLogin {{ 'without-password' if (ssh_allow_root_with_key|bool) else 'no' }}

It means it is impossible to write it like this:
PermitRootLogin yes
It would be nice if we could control its value. While testing, root login is helpful.

@rndmh3ro
Member

rndmh3ro commented Nov 6, 2018

Hi, @ikr0m, we can do this, yes. Do you want to create a PR for this?

@straight-shoota

Is PermitRootLogin yes ever a valid option, from a security perspective?

@artem-sidorenko
Member

@straight-shoota it is, e.g. usage of root login with ssh pubkey authentication only on the systems where you always work as root anyway

@straight-shoota

Yeah, but that's achieved by PermitRootLogin without-password. And even that's questionable.

PermitRootLogin yes allows password login. That's never a good idea on a system that is supposed to be security hardened.

@artem-sidorenko
Member

artem-sidorenko commented Nov 6, 2018

> Yeah, but that's achieved by PermitRootLogin without-password

Right, I missed that.

> And even that's questionable.

It's just the question of perspective. Some people think gaining root privileges via sudo/su is 'a security feature' and gives some kind of protection, some people do not think so :)

I think it's a good idea to have sane and secure defaults, but at the same time to allow overriding of options if needed. Sometimes there are edge cases where something like this might be needed for some reason. If there is a way to set a parameter and override a default behaviour, you are lucky; otherwise you start to fork the code and maintain patches.

@rndmh3ro
Member

Fixed in #195
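
Added example, not part of the thread or the project's code: once the value can be overridden, a rendered sshd_config is worth auditing for any place where PermitRootLogin ends up as yes. The sketch below applies sshd's rule that the first occurrence of a keyword wins and that Match blocks override the global section; the sample config and the function names are constructed for illustration, and Include files are not followed.

```python
import re

# Constructed sample config (not from the thread or the project).
SAMPLE = """\
Port 22
PermitRootLogin without-password
PermitRootLogin yes
Match Address 10.0.0.0/8
    PermitRootLogin yes
"""

def root_login_settings(text):
    """Return (global_value, [(match_criteria, value), ...]) as sshd would apply them."""
    global_value, overrides, match = None, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace or '='.
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        arg = parts[1] if len(parts) > 1 else ""
        if key == "match":
            match = arg  # following lines apply only when these criteria match
            continue
        if key != "permitrootlogin" or not arg:
            continue
        value = arg.split()[0]
        if match is None:
            if global_value is None:  # first occurrence wins, later ones are ignored
                global_value = value
        elif match not in [m for m, _ in overrides]:
            overrides.append((match, value))
    return global_value, overrides

def findings(text):
    """List the places where root is not restricted to key-based login."""
    global_value, overrides = root_login_settings(text)
    out = []
    if global_value is None:
        out.append("global: PermitRootLogin not set, compiled-in default applies")
    elif global_value == "yes":
        out.append("global: PermitRootLogin yes (password login not ruled out)")
    out += [f"Match {m}: PermitRootLogin yes (password login not ruled out)"
            for m, v in overrides if v == "yes"]
    return out

if __name__ == "__main__":
    for finding in findings(SAMPLE):
        print(finding)
```

In the sample, the second global `PermitRootLogin yes` is ignored because the first value wins, while the one inside the Match block is reported.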
