DEV Community

Nurul Islam Rimon
Nurul Islam Rimon

Posted on

Secure Your Server in 5 Minutes: Ditch Root + Password SSH Forever

#linux #ubuntu #systemadmin #system

Why root login is dangerous

Root + password = easy target for bots. One weak password = full server compromise.
The secure way (best practice in 2025):

Steps:

  1. Create a normal sudo user 
adduser admin
usermod -aG sudo admin
Enter fullscreen mode Exit fullscreen mode
  1. Set up SSH key authentication 
mkdir -p /home/admin/.ssh
chmod 700 /home/admin/.ssh
chown admin:admin /home/admin/.ssh
Enter fullscreen mode Exit fullscreen mode
  1. Add public key 
# On your local machine: copy public key
cat ~/.ssh/id_ed25519.pub   # or id_rsa.pub

# On server (as admin user):
nano ~/.ssh/authorized_keys   # paste the key
chmod 600 ~/.ssh/authorized_keys
Enter fullscreen mode Exit fullscreen mode
  1. Test login 
ssh admin@YOUR_SERVER_IP
Enter fullscreen mode Exit fullscreen mode
  1. Disable root & password login 
PermitRootLogin no
PasswordAuthentication no
Enter fullscreen mode Exit fullscreen mode

Restart SSH:

sudo systemctl restart ssh
Enter fullscreen mode Exit fullscreen mode

Done!
Your server is now way harder to hack.
Use ed25519 keys (faster & more secure):

ssh-keygen -t ed25519 -C "your@email.com"
Enter fullscreen mode Exit fullscreen mode

Top comments (0)