Re: Allowing remote root login seems to be bad. Why? (SUMMARY)



Okay,

the general feeling seems to be that you should disable
remote root login, for the following reasons:

1. Why take the chance that someone cracks the root account.
2. You want to keep logs on who is logging in to your box.

Though from the answers I may induce that it may be
secure if:

- you choose a strong root password
- there are no other users on the box
- constrain logins to certain ip addresses.

I think if you allow users on the box, you run a much
larger risk anyway not? Hacking root from a local
account is much easier than hacking root remotely.

I did not see defenders of the default redhat/fedora setup.

But your answers still convinced me that though there
are valid reasons to use local user accounts together with sudo,
they do not necessarily apply to the setups I use.

Thanks,
Ron