By default, the hardened appliances allow you to use the console to log in directly as root. As a security best practice, you can deactivate direct logins after you create an administrative account for nonrepudiation and test it for wheel access by using the su - root command.
Prerequisites
- Complete the steps in the topic called Create a Local Administrative Account for Secure Shell.
- Verify that you have tested accessing the system as an administrator before you deactivate direct root logins.