PermitRootLogin yes IS the default value
Today I found out that my box at work was used for some IRC botnet. According
to the logs, root’s password was bruteforced. But, i thought, hey, I am quite
sure root is UNABLE to login via ssh (after all it is not even in securetty
).
Root logins are enabled by default.
Great.