Home > Uncategorized > Disable Remote Root Login

Disable Remote Root Login

From G Garon at go2linux:

For security reasons it is not a good idea to permit ssh root direct login, it is better to login as another user, and then switch to root using the ‘su -‘ comand, to do this, you need to disable root from login directly using ssh protocol, this will decrease the possibility of a hacker breaking your linux box, as now he will have to guess your user name and your password

Ok, let’s go and see to make this.

Edit the file /etc/ssh/sshd_config

vi /etc/ssh/sshd_config

(you can use your favorite text editor)
I strongly recommend you to open two logins if doing this from a remote connection, and never close one of them, in case you need to roll back the configuration

locate this line with, writing this onces editing with vi or vim

if it says

Protocol 2, 1

change it to:

Protocol 2

This will enable only ssh2 which is more secure that ssh, do not do this if you need to log with a client that only support ssh, and not ssh2 protocol.

Next locate this line “PermitRootLogin yes” by entering this on your vi or vim editor

:/PermitRootLogin yes

and change it to this:

PermitRootLogin no

and save the file, with this:


now restart the ssh service.
If Fedora or CentOS
/etc/init.d/sshd restart

If Debian or Ubuntu
/etc/init.d/ssh restart

Test that you can login and gain root access with ‘su -‘ (without quotes), before, you left your root remote connection

Related Links

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.