I searched the topic, and there are a couple of “incomplete” threads on the subject, but nothing that really answers my questions.
What breaks if I follow proper security procedures and deny root login via SSH?
Will Rockstor regularly overwrite the sshd_config if I set “AllowRootLogin=no” and change the user restrictions to allow a created user to login and do escalation via sudo?
Because, honestly, it really is poor security that SSH is restricted to root only and via password.
As long as you don’t do anything strange with local root access, I don’t foresee any major issues.
Note however, that if you’re using the UI based shell, it does connect via SSH, so you’ll need to follow the same procedure there as well (Login as user, sudo to elevate)
Also, I would consider it bad practice to expose SSH to a file storage system to any location other than those that should be able to access it, which would effectively neutralize the issue anyway.