- Feb 11, 2004
For as long as I can remember, I've disabled direct root login and required logging into a wheel group user first. But I've been thinking about installing an SSH key for root login; from a security standpoint is there any downside to this over what I've been doing? In theory, it seems to me, if I'm only allowing key-based authentication, a direct root login shouldn't be inherently insecure. Am I thinking correctly?