26 Jan
2011
26 Jan
'11
10:38 a.m.
[2011-01-26 11:29:56 +0100] Guillaume ALAUX:
We reverted back to the upstream conf to follow the Arch idea. We implicitly say "Power user, do your job when installing a SSH server". I understand your concern about minimum security but user should know how to configure an openSSH server if they need one. And if they don't maybe let's add an secure example in the wiki.
Just to clarify: The default sshd_config from upstream *is* secure. We are just talking about enabling (or not) features by default. -- Gaetan