"Openbsd requires physical access to use the machine in console mode-- in linux, root remote access is enough."
This is true, except that with at least some versions of login, you can use the file /etc/securetty to specify which terminals root is allowed to log in from. And you can restrict ssh so that it does not allow root access from anywhere. This can help reduce the vectors for getting a root login. It won't help with privilege escalation bugs, but there are at least some measures in place.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds