On Sun, Aug 15, 2021 at 11:00:26AM -0400, Stefan Monnier wrote: > Of course, the existence of a root password can occasionally be handy > for things like `rsync` (strictly speaking, you can probably arrange > for rsync to first log in as a normal user and then use `sudo`, but > it requires a fair bit of fiddling, IIRC).
You'll generally want to set things up so that direct root logins require key authentication, not password auth. (And *definitely* not some shell/Expect botch involving feeding a password to sudo after a non-root login. That's simply terrible.)