From e21fe8c3a4007c4a10f67e9e8107c3f083002f06 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 16:40:05 +0200 Subject: Adding debian version 1:9.2p1-2+deb12u2. Signed-off-by: Daniel Baumann --- debian/openssh-server.templates | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 debian/openssh-server.templates (limited to 'debian/openssh-server.templates') diff --git a/debian/openssh-server.templates b/debian/openssh-server.templates new file mode 100644 index 0000000..e071fe3 --- /dev/null +++ b/debian/openssh-server.templates @@ -0,0 +1,23 @@ +Template: openssh-server/permit-root-login +Type: boolean +Default: true +_Description: Disable SSH password authentication for root? + Previous versions of openssh-server permitted logging in as root over SSH + using password authentication. The default for new installations is now + "PermitRootLogin prohibit-password", which disables password authentication + for root without breaking systems that have explicitly configured SSH + public key authentication for root. + . + This change makes systems more secure against brute-force password + dictionary attacks on the root user (a very common target for such + attacks). However, it may break systems that are set up with the + expectation of being able to SSH as root using password authentication. You + should only make this change if you do not need to do that. + +Template: openssh-server/password-authentication +Type: boolean +Default: true +Description: Allow password authentication? + By default, the SSH server will allow authenticating using a password. + You may want to change this if all users on this system authenticate using + a stronger authentication method, such as public keys. -- cgit v1.2.3