Okay, the general feeling seems to be that you should disable remote root login, for the following reasons: 1. Why take the chance that someone cracks the root account. 2. You want to keep logs on who is logging in to your box. Though from the answers I may induce that it may be secure if: - you choose a strong root password - there are no other users on the box - constrain logins to certain ip addresses. I think if you allow users on the box, you run a much larger risk anyway not? Hacking root from a local account is much easier than hacking root remotely. I did not see defenders of the default redhat/fedora setup. But your answers still convinced me that though there are valid reasons to use local user accounts together with sudo, they do not necessarily apply to the setups I use. Thanks, Ron
