SSH, on DragonFly, now defaults to allowing root logins, but does not allow plaintext password logins.  This is on new installs only, so any existing installations won’t be affected, even after upgrades.  Plaintext passwords are under constant brute-force attack for some years now, so this is probably safer.