OpenSSH: disable root access

As part of the OpenSSH package there is a tool called ssh that allows you to remotely log into your servers in a safer way than, say, telnet.

Despite the fact that ssh clients provides a more secure way to login into your machines, it is a good practice to disable root access, keeping your sytem a bit more secure.

Edit the /etc/sshd_config file and change…

PermitRootLogin yes

to look like…

PermitRootLogin no

Save the changes and restart sshd. Now you can login with a less privileged account and su to root when you need to administer the system.

ssh non_privileged_user@yoursystem
su -

With this little tip your root password will never pass through the wire and your system will remain a bit more secure.

This entry was posted on Sunday, August 3rd, 2003 at 5:08 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “OpenSSH: disable root access”

Super Nerdy Cool » Remote unlocking LUKS encrypted LVM using Dropbear SSH in Ubuntu says:

13/09/2011 at 6:10 am

[...] Disable root login for OpenSSH as it is unsafe to login as root (we only allow root to login when Dropbear SSH server is running during startup and restrict root all other times): ## change in /etc/ssh/sshd_config PermitRootLogin no [...]

Log in to Reply

You must be logged in to post a comment.

KarkomaOnline

OpenSSH: disable root access

One Response to “OpenSSH: disable root access”

Leave a Reply