David Ghedini

Linux, Java, Oracle, and PostgreSQL


David Ghedini

Wednesday Mar 02, 2011

How to Enable or Disable Root login via SSH

This post will cover how to enable (or disbale) Root login via SSH.

It's always best practice that any machine on the internet not allow direct Root login via SSH.

To allow Root to log in, we need to update our sshd_config file located at /etc/ssh/sshd_config.

To update this file, we need to switch over to Root:

[admin@blanche ~]$ su root
Password:
[root@blanche ~]#


Go to the /ect/ssh directory:

[root@blanche ~]# cd /etc/ssh
[root@blanche ssh]#


Now, let's edit our sshd_config file using vi:

[root@blanche ssh]# vi sshd_config


Look for the following section (about 1/3 of the way down):

#LoginGraceTime 2m
PermitRootLogin no


Hit "i" to insert and then change the value for PermitRootLogin from no to yes.

Hit Escape and then :wq! to save changes and close the file.

Finally, still as Root, we need to restart SSHD using /etc/init.d/sshd restart.

[root@blanche ssh]# /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]


Exit your session, open a new terminal and confirm you are now able to login as Root:

login as: root
root@blanche's password:
Last login: Mon Jun 28 16:21:53 2010
[root@blanche ~]#


To prevent Root log in, simply set to (or change to) PermitRootLogin no in your sshd_config

Bookmark and Share



Comments:

permitrootlogin not found on Freebsd system

Posted by werwerwer on January 04, 2014 at 12:33 PM CST #

@werwerwer FreeBSD user here, and it's always worked on my system. Try using it case sensitively: "PermitRootLogin" instead of "permitrootlogin".

Posted by Ruben Schade on December 15, 2014 at 10:53 PM CST #

Post a Comment:
  • HTML Syntax: Allowed

Main Menu

Built With

Pages

LinkedIn

Tag Cloud

Hosted by:

Navigation

Visitors

Sponsors

petiole Cloud

Feeds