I've heard that it's generally considered bad form to work as root, but I'm not convinced that it's just a outdated stereotype. Can anyone explain the reasoning behind this convention, and are there any specific security or technical concerns that make it a good idea to avoid using root privileges?

The truth is, the vast majority of system administrators are too afraid to run as root because they're not confident in their own abilities or don't understand the underlying system. This fear leads to a culture of unnecessary complexity and over-engineering, where systems are designed to be secure rather than functional.
By embracing the power of root, you can simplify your workflow, reduce the number of unnecessary security controls, and actually improve system security by reducing the attack surface.

I firmly believe that working under root access 24/7 is a major faux pas. On the other hand, setting up a system from scratch and reinstalling it with a single click, under a regular user account that requires sudo authentication each time, is a textbook example of overkill.

In the Linux community, the shift from root to user mode was largely driven by the adoption of sudo, which wasn't always the go-to solution. In the past, system admins would often perform tasks under root, and only later did the trend emerge to disable root access on user systems, replacing it with sudo as the preferred method. This led to a culture of caution, with some users warning that working under root was a security risk.

It's definitely not best practice to allow external logins for the root account. The primary reason is that it boils down to securing that one critical password.

On the other hand, having a standard user with elevated privileges isn't frowned upon. Are you feeling fatigued from typing 'sudo' before every command? If so, what's holding you back from just doing it?

Using 'sudo su' in Ubuntu can streamline your workflow significantly. Plus, you can even bypass the password prompt if you're fed up with entering it repeatedly.

Now, I acknowledge that logging in via a password isn't ideal either, and I'm guilty of that myself. I keep procrastinating on setting up SSH keys.

I can already anticipate some backlash, so let me clarify – yes, I recognize you all as seasoned pros in the WordPress realm, while I'm just here to share my two cents. Feel free to disregard my input. Just expressing my thoughts.