PermitRootLogin no explanation added.

1 files changed, 12 insertions, 5 deletions

diff --git a/security/openssh-portable/pkg-message b/security/openssh-portable/pkg-message
index 47f0f600972d..b0908ddd4486 100644
--- a/security/openssh-portable/pkg-message
+++ b/security/openssh-portable/pkg-message
@@ -1,10 +1,17 @@
 To enable this port, please add sshd_program=/usr/local/sbin/sshd and make
-sure
-sshd_enable is set to YES in your /etc/rc.conf
+sure sshd_enable is set to YES in your /etc/rc.conf
 
 You may also want to put NO_OPENSSH=    true in your /etc/make.conf
 and make sure your path is setup to /usr/local/bin before /usr/bin so that
-you
-are running the port version of openssh and not the version that comes with
-FreeBSD
+you are running the port version of openssh and not the version that comes
+with FreeBSD
 
+'PermitRootLogin no' is the new default for the OpenSSH port.
+This now matches the PermitRootLogin configuration of OpenSSH in
+the base system.  Please be aware of this when upgrading your
+OpenSSH port, and if truly necessary, re-enable remote root login
+by readjusting this option in your sshd_config.
+
+Users are encouraged to create single-purpose users with ssh keys
+and very narrowly defined sudo privileges instead of using root
+for automated tasks.