Before we started shipping ssh with NetBSD, our default security policy
regarding authenticating as root using the root password was that you
first had to be able to authenticate as a user in the wheel group or
be at a secure terminal. (This was implemented by making most terminals
insecure and putting root in the wheel group.) Distributing ssh appears
to have inadvertantly changed that, since ssh's default policy as shipped
is to allow direct root logins.

In order to bring us back to the state we were in before I've changed
the default sshd_config file (which is installed as /etc/sshd.conf)
to have the "PermitRootLogin" option set to "no". From this point on,
if you use direct root logins from the network via ssh, you will want
to flip this option back after new installs or re-installs in /etc.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 3 5778 0123   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC