On Wed, Apr 09, 2025 at 09:34:08AM -0400, Jeffrey Walton wrote: [...]
> Disabling root logins by default is especially important when a > network attacker can use the login, like via SSH. To achieve this... > The network attacker > is usually your #1 threat, and you don't want to give the network > attacker an opportunity to obtain root merely by guessing a weak > password over the internet. (There are other things you should also do > for SSH, like disabling passwords and enabling public key > authentication). ...disabling root logins over SSH should suffice. I think those are orthogonal. Don't get me wrong: I, at some point, dropped root password, but more for convenience than for anything else. Cheers -- t
signature.asc
Description: PGP signature
