I have two divergent opinions on this issue. Personally, I agree with Theo de Raadt on the reasoning behind the default PermitRootLogin setting in OpenSSH. If your root password is of adequate strength (in the event that you're not mandating the use of keys), then realistically the risk of exposing root logins over SSH is minimal (excluding any unforeseen exploits in OpenSSH). I trust the mathematics of cryptography.

On the other hand, I can't vouch for the security of other users' systems. I have a suspicion that the majority of brute force attacks that succeed occur on systems where the user is unaware that sshd is running and/or the system was never meant to be reachable from the internet. Sucuri found that 58% of brute force attacks were conducted against the root account [1]. A full list of the passwords tried by attackers can be found here [2]. The strength of the passwords that are tried is obviously extremely weak.

Since setting PermitRootLogin to no will minimize the footprint of this attack, I'd be more than happy to see it implemented. Anyone who wants to set PermitRootLogin to yes is likely well aware of the importance of strong passwords and the visibility of their system over the internet.

Brandon Vincent

[1] http://blog.sucuri.net/2013/07/ssh-brute-force-the-10-year-old-attack-that-still-persists.html
[2] http://labs.sucuri.net/dump/sshd_bruteforce_list.txt?_ga=1.53033320.1159093202.1416926351

--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security
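As an added example (not part of the post above), the following Python script reads sshd "Failed password" log lines and reports what share of the attempts target the root account and which source addresses are the noisiest, which is the kind of check that tells an admin whether the host is one of those "unaware that sshd is running" systems. The log lines, hostnames and IP addresses are constructed for the example; the line format is the one OpenSSH writes to the auth log.

```python
import re
from collections import Counter

# Constructed sample auth log (not real data); the "Failed password" lines use
# the format sshd emits, including the "invalid user" variant for unknown accounts.
SAMPLE_AUTH_LOG = """\
Nov 25 10:01:02 host sshd[1201]: Failed password for root from 203.0.113.10 port 51234 ssh2
Nov 25 10:01:04 host sshd[1201]: Failed password for root from 203.0.113.10 port 51235 ssh2
Nov 25 10:01:07 host sshd[1203]: Failed password for invalid user admin from 203.0.113.10 port 51236 ssh2
Nov 25 10:02:11 host sshd[1210]: Failed password for root from 198.51.100.7 port 40001 ssh2
Nov 25 10:02:15 host sshd[1212]: Failed password for invalid user test from 198.51.100.7 port 40002 ssh2
Nov 25 10:03:00 host sshd[1220]: Accepted publickey for alice from 192.0.2.5 port 60000 ssh2: ED25519
Nov 25 10:03:30 host sshd[1225]: Failed password for root from 203.0.113.10 port 51240 ssh2
"""

# Matches both "Failed password for root from ..." and
# "Failed password for invalid user admin from ...".
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse_failed_logins(log_text):
    """Return a list of (user, source_ip) tuples, one per failed password attempt."""
    matches = (FAILED_RE.search(line) for line in log_text.splitlines())
    return [(m.group("user"), m.group("ip")) for m in matches if m]


def summarize(attempts):
    """Aggregate attempts per target user and per source, and compute the root share."""
    per_user = Counter(user for user, _ in attempts)
    per_ip = Counter(ip for _, ip in attempts)
    total = len(attempts)
    root_share = per_user["root"] / total if total else 0.0
    return {"total": total, "root_share": root_share,
            "per_user": per_user, "per_ip": per_ip}


def noisy_sources(attempts, threshold=3):
    """Source addresses with at least `threshold` failed password attempts."""
    per_ip = Counter(ip for _, ip in attempts)
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)


if __name__ == "__main__":
    attempts = parse_failed_logins(SAMPLE_AUTH_LOG)
    report = summarize(attempts)
    print(f"{report['total']} failed password attempts, "
          f"{report['root_share']:.0%} against root")
    print("noisy sources:", noisy_sources(attempts))
```

On a real host, feed it `journalctl -u sshd` or `/var/log/secure` output instead of the constructed sample; a high root share with no legitimate root users is a strong hint that PermitRootLogin should be no and that the exposure was unplanned.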