root user best practice.
I am thinking of disabling the root user for my digital ocean 1-click app. However, iff a user uses a password for ssh, my user does not get that password and they can only ssh through the user I create in my image and with the password I set for the user during cloud-init, which is the Droplet ID.
I feel removing root login is best practice, however, Digital Ocean orients a lot of actions towards the root user…
Are there best practices from Digital Ocean in this regard?
Or is documenting this discrepency suffient and users will be happy I did not allow root logins?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×