(Fri Nov 25 2016 00:00:00 GMT+0200 (Eastern European Standard Time)) A moment ago I was checking the system logs on my Ubuntu server and found that in auth.log reports that someone was repeatedly trying to SSH login as root. The "root" entry in /etc/passwd is setup so that no password will ever be matched, so perhaps this potential cracker would never get into my server anyway. But the requests are using bandwidth - and what if they were able to figure out a password that would work? Why not just block remote SSH login access to logging in as root in the first place? It's a bad idea to login directly as root - instead the recommended best practice is to login as a regular user then use sudo to perform things requiring super user access.