DEV Community

Cover image for How to disable root ssh login in Linux
Muhammad Ali Ahmed
Muhammad Ali Ahmed

Posted on

How to disable root ssh login in Linux

Before Getting Started

It is important to understand why it is important to disable root ssh login in Linux

Disabling direct SSH root login is a crucial security measure that helps protect your servers from unauthorized access and potential breaches. Root accounts have unrestricted access to the entire system, so if an attacker gains access to the root account, they can potentially control everything on the server. By disabling root SSH login, you enforce the use of lower-privileged accounts for remote access. Users must log in with their accounts and escalate privileges using sudo if necessary. This minimizes the risk and improves accountability, as each action can be traced back to a specific user rather than the all-powerful root.

You have to edit the sshd_config file

  1. Navigate to the /etc/ssh directory

    cd /etc/ssh

  2. Open the sshd_config file in a text editor

    nano sshd_config

    or

    vim sshd_config

  3. Edit the file

    Look for the line "PermitRootLogin"
    It may be commented out and its value can be yes, no, or
    prohibit-password. you have to uncomment it and write

     PermitRootLogin no
    
  4. Restart the ssh service

    sudo systemctl restart sshd

    The root ssh login will be disabled after the ssh service is
    restarted.

Top comments (0)