Hi. I've been using root logins with ssh. Since ssh goes encrypted I don't know why this could be a security problem (question 1: please confirm that). Anyway I've decided to change into the more (supposed) secure way: no root logins. I've done it. This is my current config: roman@goliat:~ > rpm -qa |grep ssh openssh-1.2.2-30 (yep, it's buggy, but I don't use scp & similiar) roman@goliat:~ > cat /etc/SuSE-release SuSE Linux 6.4 (i386) VERSION = 6.4 root@goliat:/etc/ssh > grep PermitRoot sshd_config PermitRootLogin no Nevertheless I've noted the following behaviour when trying to login as root: 1) If supplied passwd is incorrect, sshd tell so. 2) If supplied passwd is right, you get: ROOT LOGIN REFUSED FROM roman So you could try to guest root passwd by brute force attack. I don't like that. Is this corrected on newer versions? Please, any comments are welcome. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~