Tag Archives: ssh

How to Disable SSH Login for the Root User

In this document, we will show you to disable the SSH root login to your server.

A major security hole is to allow direct root access without any restrictions. This is an open door for hackers. They can attempt to brute force your root password and potentially get access to your server if the password can be guessed.

Quick Steps:

  1. Login to the server via SSH.
  2. Open the file “/etc/ssh/sshd_config” in any of your favorite text editors.
  3. Find the section in the file containing the line with “#PermitRootLogin yes” in it.
  4. Uncomment and change it to “PermitRootLogin no”.
  5. Save the file and exit.
  6. Restart the sshd service.

Disabling SSH Login for Root

The first step is to login to the server. Please note that you need to get more than one terminal access to the server because in case we lost one connection you can recover and get access to the server with the other one.

Open the SSH configuration file with your text editor.

vi /etc/ssh/sshd_config

Locate the directive PermitRootLogin,

#PermitRootLogin yes

Uncomment the line and change the directive No.

PermitRootLogin no

Save and close the file. Restart the SSH daemon to save the changes by executing one of the commands below,

/etc/init.d/sshd restart
systemctl restart sshd
service sshd restart

From now on, any attempt to SSH to the server with the root account will be automatically denied.

Permission denied when connecting as the root user.

Permission denied when connecting as the root user.

Conclusion

The SSH login for the root account has been successfully disabled on your server.  You will not be able to SSH to server with the root account.