> Turn off sudo and don't put users you don't want to have root in the > wheel group. > > I find what you want to be questionable though.
But can't they still run "login"? Why questionable? I want security and convenience. I don't consider passwords to be either. physical security + ssh is what I want. I've gotten by with just the second and being sure I don't need console access after initial setup (I've run systems like this quite a while now, including upgrading OpenBSD a few times on a few machines, and Debian 4.0=>5.0) Thanks, - Jay
