I know one of the first things you do to secure a server is disallowing remote root login.
Passwords are pretty weak; what do people think of only allowing root login via ssh keys or other password-less methods.
Which methods are the best?
Is it better just not to risk it?
Is ssh-ing with a secondary account and using su - really adding any security?
How do people on serverfault.com access root on a remote server?