On Mon, 2005-10-24 at 20:53 -0700, Joel Jaeggli wrote: > On Tue, 25 Oct 2005, Danny Terweij - Net Tuning | Net wrote: > > > From: "Michael A. Peters" <mpeters@xxxxxxx> > > > >>> As you have already realized, it is generally not safe to allow ssh > >>> access for root. In fact, Fedora by default does not allow root to have > >>> ssh access. > > Ask yourself why is is not safe to ssh to root? It's a known user ID on a system, and an incredibly powerful one. No one will have root access that doesn't have a regular user account as well, therefore, forcing remote root users to first log in as their regular user and then su to root prevents a known username that happens to be all powerful from being bute-forced. Furthermore, if you ssh in as root - there is no accountability. If you ssh in as a user and then su to root, that action is recorded in the log files - and you know who logged into root and when.
