I will second this recommendation; even with secure password communication, I
much prefer to not allow direct root logins over _any_ network connection.
In fact, I configure my systems to not even allow password-based authentication
for SSH (protocol version 2 and public key auth only), but that's a little
extreme as a standard recommendation :-)
I will second this recommendation; even with secure password communication, I much prefer to not allow direct root logins over _any_ network connection.
In fact, I configure my systems to not even allow password-based authentication for SSH (protocol version 2 and public key auth only), but that's a little extreme as a standard recommendation :-)