Disable Root SSH Login - Linux Security Tip

Securing Your Server: Disabling Root Login via SSH

A significant security vulnerability can be introduced by permitting direct root login through SSH. Attackers frequently target root passwords, and successful brute-force attempts grant them complete system access. A more secure practice involves utilizing a standard user account for routine tasks and employing sudo to escalate privileges when root access is required.

Prior to proceeding, ensure you possess a regular user account with the ability to switch to or gain sudo access to the root user. The following steps will involve modifying the SSH daemon's configuration file.

Editing the SSH Configuration File

The primary configuration file for the SSH service, sshd_config, requires modification. While its location can vary, it is commonly found within the /etc/ssh/ directory. Access and open this file while logged in as the root user.

vi /etc/ssh/sshd_config

Within the configuration file, locate the section governing login permissions. Specifically, search for the line containing "PermitRootLogin".

#LoginGraceTime 2m
#PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6

To disable root login via SSH, modify this line to read as follows:

PermitRootLogin no

Restarting the SSH Service

After implementing the change, it is crucial to restart the SSH daemon for the new configuration to take effect. This can be accomplished using the following command:

/etc/init.d/sshd restart

By disabling direct root login, you significantly reduce the risk of unauthorized access through brute-force attacks. This measure enhances the overall security posture of your server.

This change prevents attackers from directly attempting to guess the root password, bolstering your server’s defenses.