One final note - Technically, sudo shouldn't even be installed unless you have a genuine need for it. It is an suid root binary, which means it is always a potential additional local exploit risk. suid root binaries should technically only be installed when there is a genuine need for them. That being said - I don't personally take the time to remove it, I'm not that concerned about it on my "single flesh user" systems but I would be on a multiuser system (where sudo is likely to be more appropriate so your non root webmaster for example can restart apache) OK - a few other people have accounts they use when they come to visit my house, but the only port then can use to remotely log in is ssh - and that's what the DenyUsers directive in sshd_config is for.
