diff --git a/openssh.changes b/openssh.changes
index eed4894..6808adb 100644
--- a/openssh.changes
+++ b/openssh.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Apr 12 10:04:45 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
+
+- Make openssh-server recommend the openssh-server-config-rootlogin
+  package in SLE in order to keep the same behaviour of previous
+  SPs where the PermitRootLogin default was set to yes.
+- Fix crypto-policies requirement to be set by openssh-server, not
+  the config-rootlogin subpackage.
+- Add back %config(noreplace) tag for more config files that were
+  already set like this in previous SPs.
+
 -------------------------------------------------------------------
 Thu Apr 11 06:35:21 UTC 2024 - Arnav Singh <opensuse@arnavion.dev>
 
diff --git a/openssh.spec b/openssh.spec
index 7e87b12..99c96b5 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -190,7 +190,11 @@ clients.
 Summary:        SSH (Secure Shell) server
 Group:          Productivity/Networking/SSH
 Requires:       %{name}-common = %{version}-%{release}
+Requires:       crypto-policies >= 20220824
 Recommends:     audit
+%if 0%{?suse_version} == 1500
+Recommends:     openssh-server-config-rootlogin
+%endif
 Requires(pre):  findutils
 Requires(pre):  grep
 Requires(post): %fillup_prereq
@@ -213,7 +217,6 @@ securely connect to your server.
 %package server-config-rootlogin
 Summary:        Config to permit root logins to sshd
 Group:          Productivity/Networking/SSH
-Requires:       crypto-policies >= 20220824
 Requires:       %{name}-server = %{version}-%{release}
 
 %description server-config-rootlogin
@@ -485,7 +488,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
 %attr(0755,root,root) %dir %{_distconfdir}/ssh/ssh_config.d
 %else
 %attr(0755,root,root) %dir %{_sysconfdir}/ssh
-%attr(0600,root,root) %{_sysconfdir}/ssh/moduli
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
 %attr(0755,root,root) %dir %{_sysconfdir}/ssh/ssh_config.d
 %endif
 %attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
@@ -533,7 +536,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
 %if %{defined _distconfdir}
 %{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
 %else
-%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
+%config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
 %endif
 
 %files clients
@@ -542,7 +545,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss
 %if %{defined _distconfdir}
 %attr(0644,root,root) %{_distconfdir}/ssh/ssh_config
 %else
-%attr(0644,root,root) %{_sysconfdir}/ssh/ssh_config
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
 %endif
 %attr(0755,root,root) %{_bindir}/ssh
 %attr(0755,root,root) %{_bindir}/scp*