How to Enable or Disable Root login via SSH

This post will cover how to enable (or disbale) Root login via SSH.

It’s always best practice that any machine on the internet not allow direct Root login via SSH.

To allow Root to log in, we need to update our sshd_config file located at /etc/ssh/sshd_config.

To update this file, we need to switch over to Root:

  1. [admin@blanche ~]$ su root
  2. Password:
  3. [root@blanche ~]#

Go to the /ect/ssh directory:

  1. [root@blanche ~]# cd /etc/ssh
  2. [root@blanche ssh]#

Now, let’s edit our sshd_config file using vi:

  1. [root@blanche ssh]# vi sshd_config

Look for the following section (about 1/3 of the way down):

  1. #LoginGraceTime 2m
  2. PermitRootLogin no

Hit “i” to insert and then change the value for PermitRootLogin from no to yes.

Hit Escape and then :wq! to save changes and close the file.

Finally, still as Root, we need to restart SSHD using /etc/init.d/sshd restart.

  1. [root@blanche ssh]# /etc/init.d/sshd restart
  2. Stopping sshd:                                             [  OK  ]
  3. Starting sshd:                                             [  OK  ]

Exit your session, open a new terminal and confirm you are now able to login as Root:

  1. login as: root
  2. root@blanche’s password:
  3. Last login: Mon Jun 28 16:21:53 2010
  4. [root@blanche ~]#

To prevent Root log in, simply set to (or change to) PermitRootLogin no in your sshd_config

Bookmark and Share

Advertisements
Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: