Basic user accounts to keep: anything with a UID <= 10 (UID = number immediately after the password. Example:

root:X:0:0:Root account:/:/bin/bash

Root's UID is 0 and it's GID (group ID) is 0.

Generally, users are automatically added to the users group (GID 20 I think), and are assigned a UID starting from 100 (this is set in a file somewhere that's dependent on whatever distro you're using). If you're wanting to edit the passwd file without worry if you blow something up while editing it, use 'vipw' as root. That copies the passwd file into the /tmp dir as a file and edits that. Then, when you save, it'll move it into place for you, making a backup of the original.

If you're not using ftp, and are setting up openssh for a server, take out the ftp users (whichever ones there are) and do the following to disable the services:

1. cp /etc/services /etc/services.orig && vi /etc/services

Comment out (put a # in the beginning) for ftp and telnet services.

2. cd /etc/xinet.d

There are some files in here, one for each service you have and aptly named. Vi these files and for Enabled (I think that's the line), make sure telnet and wu-ftp are set for "No". When you restart xinetd, it'll reread them and kill the services for ftp and telnet. I'll get more info on this as I'm not in front of my linux box right now. Xinetd is fairly new to the linux scene, whereas before it was /etc/services and /etc/inetd.conf that controlled everything. Don't ask me why they have xinetd now, hehe...

As for OpenSSH:

When you configured it as root and installed the package (make install), it should've put some things in /usr/local/bin and /usr/local/sbin. I'm not sure if OpenSSH installs the sshd binary so that it runs at startup (will find out). Either way, when you install it, you'll want to run ssh-keygen to generate the public/private keys for each account that you want and after that you'll be able to run sshd and ssh in. sshd only needs to run if you plan on ssh'ing from the outside or 'scp'ing' files to/from the box. scp is the secure ftp. OpenSSH also runs on port 22, if you didn't know.

Hope this helps out.