Disable Direct Root Login and User Access via SSH to Server
Everybody knows, including hackers and attackers that all Linux and UNIX flavored systems come with a all powerful root user account, which once get compromised, mean all hell breaks loose. So it’s a good security practice to disable the ability for root user to able to login and gain access to the server system via SSH directly (of course, the system must have disabled FTP access). After disabling direct root SSH remote login, the chance for the brute force hacking to success is greatly reduced.
To turn off and disable direct root SSH login, follow this simple tutorial:
IMPORTANT: Make sure you have another account (preferably belongs to wheel user group too) which is able to login via SSH remotely, and able to SU to root user account. Else you risk been locked out from your server.
- SSH into server and login as root.
- In command shell, use pico or vi to edit sshd_config file by typing one of the following commands:
pico /etc/ssh/sshd_config
vi /etc/ssh/sshd_config - Scroll down the SSH server configuration file and locate a line like below:
#PermitRootLogin yes
- Uncomment the line by removing the hash symbol (#), and then change the “yes” to “no”. The final line should look like below:
PermitRootLogin no
- Save the config file. In pico, press Ctrl-o, follow by Ctrl-x. In vi, type :wq and press Enter.
- Restart SSH server by typing the following command in command line, and press Enter:
/etc/rc.d/init.d/sshd restart
- Logout from SSH connection. Try to login as root, it should fail with Access denied error. To access root account, login with your own user name and password, and then SU to root.
Share and contribute or get technical support and help at My Digital Life Forums.
Related Articles
- How to Get Linux Server Sends Email Alert on Root Login
- Disable and Turn Off Telnet in Linux
- Cannot FTP to Web Host or Server running cPanel/WHM
- Using phpMyAdmin for Effective MySQL Management in Windows XP
- Installing Web Server in FreeBSD 6.0 with Apache 2.2, MySQL 5.0 and PHP 5 - Part 3
- cPanel Invalid License File After Changing Hostname Error
- Change and Reset MySQL root Password
- Restore Full Backup or cpmove File in cPanel Web Host
- Check and Optimize MySQL Database Automatically with Crontab/Cron
- Install Web Server in Windows XP with Apache2, PHP5 and MySQL4 - Part 4
































