Anytime you allow remote root access is bad. It leaves you open to brute force password attacks and the like. Best practice would be to only allow root login from 1 server using a ssh key and/or login to the system via a non-root user and sudo to root. Brent On Mon, Jun 2, 2008 at 11:05 AM, <secureshell-digest-help@xxxxxxxxxxxxxxxxx> wrote: > > secureshell Digest 2 Jun 2008 17:05:22 -0000 Issue 1092 > > Topics (messages 9892 through 9892): > > Allowing remote root login seems to be bad. Why? > 9892 by: Ron Arts > > Administrivia: > > To subscribe to the digest, e-mail: > <secureshell-digest-subscribe@xxxxxxxxxxxxxxxxx> > > To unsubscribe from the digest, e-mail: > <secureshell-digest-unsubscribe@xxxxxxxxxxxxxxxxx> > > To post to the list, e-mail: > <secureshell@xxxxxxxxxxxxxxxxx> > > > ---------------------------------------------------------------------- > > > ---------- Forwarded message ---------- > From: Ron Arts <ron@xxxxxxxxxxxxxx> > To: secureshell@xxxxxxxxxxxxxxxxx > Date: Mon, 02 Jun 2008 10:29:29 +0200 > Subject: Allowing remote root login seems to be bad. Why? > Hi, > > today I found that different Linux distributions have various > policies regarding allowing remote root access. For example, > The Redhat/Fedora crowd seems to enable this on default installs, > but the Debian/Ubuntu don't, they recommend sudo. > > I googled around but could not find why fedora allows it, and the > debian people just seem to have one reason: 'allowing remote root > access is bad, everybody knows that'. > > Suppose I ensure that root has a very strong password, then does > it really matter either way? > > Thanks, > Ron > > >
