On Tue, Mar 19, 2024 at 05:42:55PM +0300, Jan Krapivin wrote: > The root user's password should be long (12 characters or more) and > impossible to guess. Indeed, any computer (and a fortiori any server) > connected to the Internet is regularly targeted by automated connection > attempts with the most obvious passwords. [...]
For most people, this really isn't a concern, because they either don't run an ssh server at all, or they use the default sshd_config which does not allow root logins. The only time you need to worry about this is if you: * Run an ssh server, AND * Accept ssh connections from the public Internet, AND * Have changed the sshd_config file to allow ssh root logins.
