Before Getting Started
It is important to understand why it is important to disable root ssh login in Linux
Disabling direct SSH root login is a crucial security measure that helps protect your servers from unauthorized access and potential breaches. Root accounts have unrestricted access to the entire system, so if an attacker gains access to the root account, they can potentially control everything on the server. By disabling root SSH login, you enforce the use of lower-privileged accounts for remote access. Users must log in with their accounts and escalate privileges using sudo if necessary. This minimizes the risk and improves accountability, as each action can be traced back to a specific user rather than the all-powerful root.
You have to edit the sshd_config file
-
Navigate to the /etc/ssh directory
cd /etc/ssh
-
Open the sshd_config file in a text editor
nano sshd_config
or
vim sshd_config
-
Edit the file
Look for the line "PermitRootLogin"
It may be commented out and its value can be yes, no, or
prohibit-password. you have to uncomment it and write
PermitRootLogin no -
Restart the ssh service
sudo systemctl restart sshd
The root ssh login will be disabled after the ssh service is
restarted.
Top comments (0)