Re: Allowing remote root login seems to be bad. Why?


Today I found that different Linux distributions have various
policies regarding allowing remote root access. For example,
the Red Hat/Fedora crowd seems to enable this on default installs,
but the Debian/Ubuntu crowd doesn't; they recommend sudo.

Yes, you can also throw the *BSDs into the mix and get really
confused. Everyone has an opinion on the issue.

Suppose I ensure that root has a very strong password, then does
it really matter either way?

One school of thought goes like this: Disabling root access
altogether makes it impossible for someone who somehow obtains the
password to break in - you don't even give the person a chance to hack
by brute force, you take it out of his hands entirely.

On the other hand, if you have for root password a 97-character string
with large and small letters, numbers, special symbols, etc., and want
to take your chances, then by all means enable root login. Or if you
don't care whether you get pwned or not.