How to disable direct root login

Allowing direct login as root is a major security issue. Disabling it reduces the risk: reaching root then takes two separate passwords (the admin user's and root's), which makes the box more secure. We also restrict SSH to protocol 2, which is newer and more secure.

1. SSH into your server as ‘admin’ and gain root access with su

2. Run this command to open the SSH daemon's configuration file in an editor

vi /etc/ssh/sshd_config

3. Find the line

Protocol 2, 1

4. Uncomment it and change it to look like

Protocol 2

5. Next, find the line

PermitRootLogin yes

6. Uncomment it and change it to look like

PermitRootLogin no

7. Save the file: Ctrl+X, then Y, then Enter (these are the nano keystrokes; in vi, press Esc, type :wq and press Enter)

8. Now you can restart SSH

/etc/rc.d/init.d/sshd restart

Now no one will be able to log in as root without first logging in as admin and running ‘su -’ to become root.

Be sure that you remember both the passwords!
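
To confirm the edit took effect, the following added example (not part of the original post) audits an sshd_config-style file for the explicit settings from steps 4 and 6. The function names are hypothetical; it assumes a single file with no Include directives and treats an unset keyword as a failure, because defaults differ between OpenSSH versions.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# effective_value FILE KEYWORD
# Prints the value sshd would take from the global section: the first
# uncommented occurrence wins, keywords are case-insensitive, and scanning
# stops at the first Match block. Include files are not followed.
effective_value() {
    awk -v key="$2" '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }  # trim the line
        /^#/ || /^$/ { next }                         # comments and blanks
        {
            kw = $0; sub(/[ \t=].*$/, "", kw)         # keyword is the first token
            val = substr($0, length(kw) + 1)
            gsub(/[ \t="]/, "", val)                  # "2, 1" becomes "2,1"
            kw = tolower(kw)
        }
        kw == "match" { exit }
        kw == tolower(key) { print tolower(val); exit }
    ' "$1"
}

# audit_sshd_config FILE
# Returns 0 only if PermitRootLogin is explicitly "no" and Protocol is "2".
# An unset keyword is a failure (assumption: do not rely on version defaults).
audit_sshd_config() {
    rc=0
    root=$(effective_value "$1" PermitRootLogin)
    proto=$(effective_value "$1" Protocol)
    [ "$root" = "no" ] || { echo "FAIL PermitRootLogin=${root:-unset}"; rc=1; }
    [ "$proto" = "2" ] || { echo "FAIL Protocol=${proto:-unset}"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK root login disabled, protocol 2 only"; fi
    return "$rc"
}

# With a path argument, audit that file; otherwise run on a constructed sample
# in which the commented-out "no" is ignored and the later "yes" takes effect.
if [ $# -gt 0 ]; then
    audit_sshd_config "$1"
else
    demo=$(mktemp)
    printf '#PermitRootLogin no\nProtocol 2, 1\nPermitRootLogin yes\n' > "$demo"
    audit_sshd_config "$demo" || true
    rm -f "$demo"
fi
```

Running `sshd -t` before the restart in step 8 checks the edited file for syntax errors.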
