Add improvements to display allowed login modes

sshd/edit_users.cgi

@@ -56,20 +56,22 @@ else {
 
 # Allow logins by root
 $root = &find_value("PermitRootLogin", $conf);
-$rldef = $version{'number'} >= 7 ? $text{'users_nopwd'} : $text{'yes'};
-@opts = ( [ '', $text{'default'}.' ('.$rldef.')' ],
-          [ 'yes', $text{'yes'} ],
-	  [ 'no', $text{'no'} ] );
+$rldef = $version{'number'} >= 7 ? 'prohibit-password' : 'yes';
+$root = $rldef if ($root eq "without-password" || !$root);
+$deflbl = " (".lc($text{'default'}).")";
+@opts = ( [ 'yes', $text{'users_yes'}.
+	($rldef eq 'yes' ? $deflbl : "") ] );
 if ($version{'type'} eq 'ssh') {
 	push(@opts, [ 'nopwd', $text{'users_nopwd'} ]);
 	}
 else {
-	push(@opts, [ 'prohibit-password', $text{'users_nopwd'} ]);
+	push(@opts, [ 'prohibit-password', $text{'users_nopwd'}.
+		($rldef eq 'prohibit-password' ? $deflbl : "") ]);
 	if ($version{'number'} >= 2) {
 		push(@opts, [ 'forced-commands-only', $text{'users_fcmd'} ]);
 		}
 	}
-$root = "prohibit-password" if ($root eq "without-password");
+push(@opts, [ 'no', $text{'users_no'} ]);
 print &ui_table_row($text{'users_root'},
 	&ui_select("root", lc($root), \@opts));
 

sshd/lang/en

@@ -31,9 +31,11 @@ users_pexpire=Days before password expiry to warn user
 users_pexpire_def=Never
 users_auth=Allow authentication by password?
 users_pempty=Permit logins with empty passwords?
-users_root=Allow login by root?
-users_nopwd=Only with RSA auth
-users_fcmd=Only for commands
+users_root=Allow login by <em>root</em>?
+users_yes=Yes, both key and password
+users_nopwd=Yes, key-based only
+users_fcmd=Yes, for specific commands only
+users_no=No, disable root login completely
 users_rsa=Allow RSA (SSH 1) authentication?
 users_dsa=Allow DSA (SSH 2) authentication?
 users_pkeyauth=Allow public key authentication?