Sunday, January 23, 2011

Disable SSH root login

Providing direct login access to root via SSH is not a good practice. Administrators should use sudo to switch to root after logged in as themselves. this will helpful in auditing in terms of security.

Here is the step by step procedure to disable/deny direct root login via SSH

1. Login to the server as Root

2. Edit /etc/ssh/sshd_config

Look for the line,

PermitRootLogin=Yes

and then change the value of it to,

PermitRootLogin=No

3. Restart the sshd service and make sure its turned on

service sshd restart or /etc/init.d/sshd restart

service sshd status