Disable SSH root login – Linux

How to disable SSH login as root user – PermitRootLogin?

PermitRootLogin – is an important directive in SSH configuration file to control the ssh login as root user. You can enable / disable root login access using this directive in ssh configuration file.

It is useful to protect the server from others by disabling the root user from SSH. In this method, you can assign SSH authentication to a user in your server and you can change to root after establishing a connection as user.

You can manage this from SSH conf file. Just open the configuration file, make changes, and restart service.

How to verify root login is enabled or not?

Execute the command below for checking the same from command line:

# grep PermitRootLogin /etc/ssh/sshd_config

Example:

[[email protected] ~]# grep PermitRootLogin /etc/ssh/sshd_config
#PermitRootLogin no 
# the setting of "PermitRootLogin without-password".

Enabled by default. You can disable it by editing the SSH conf file:

[[email protected] ~]# vim /etc/ssh/sshd_config
-----
PermitRootLogin no
-----

Then restart the SSH daemon:

[[email protected] ~]# /etc/init.d/sshd restart

That’s it πŸ™‚

Try to SSH as root, see the sample output below:

[[email protected] ~]# ssh localhost
:::Hai, Welcome to crybit's SSH:::
[email protected]'s password: (root password)
Permission denied, please try again.

You can SSH to server as a user, see the example below:

[[email protected] ~]# ssh [email protected]
:::Hai, Welcome to crybit's SSH:::
[email protected]'s password: (crybit's password)
Last login: Fri Jan 31 15:22:55 2014 from localhost
[[email protected] ~]$ 
[[email protected] ~]$ 

Thanks πŸ™‚

30 plus SSH interview questions and answers – compiled

SSH, secure shell, is a network protocol used to access remote Linux machine. You can execute commands on the remote server by connecting using SSH protocol.

SSH, it’s an important part in a Linux based technical interview. Both newbies and experienced techs can follow up this post for their interviews!

It is very vast and interesting topic. Prepare SSH clearly and attend the interview with cent percent confident πŸ™‚

Related Links:
How to manage SSH permission for custom users under your server
How to create a banner/welcome-note for SSH server
/etc/hosts.allow
/etc/hosts.deny

Post navigation

Arunlal Ashok

DevOps Engineer. Linux lover. Traveller.
Always happy for an open discussion! Write to arun ((@)) crybit ((dot)) com.

Leave a Reply

Your email address will not be published. Required fields are marked *