How to Disable SSH Root Login in Linux?


Introduction

In Linux systems, SSH (Secure Shell) is a common protocol used to connect and manage remote servers. It allows users to securely access and control their servers from anywhere in the world. The use of SSH is critical for system administrators and developers as it enables them to perform various tasks such as editing configuration files, transferring files, and managing services remotely.

However, allowing root login via SSH creates significant security risks that can lead to unauthorized access and malicious attacks on your system. By disabling this feature, you can significantly reduce the chances of your Linux server being compromised.

The purpose of this guide is to provide step-by-step instructions on how to disable root login via SSH in Linux. We will explore the risks associated with allowing root login through SSH and demonstrate how you can take necessary steps to secure your system.

The Importance of SSH in Linux

SSH is a remote-access protocol that lets users connect securely over an unsecured network such as the internet. It encrypts the communication channel between client and server, making it difficult for hackers or other third parties to gain unauthorized access or eavesdrop on traffic. It gives system administrators and developers an efficient way to access and manage remote servers from their workstations or from other locations where they have no direct console access.

The Security Risks Associated with Allowing Root Login via SSH

While allowing root login via SSH might seem like a convenient feature, it poses significant security risks because the root account is not subject to any further access controls. A hacker who successfully gains access through root login has complete control over the server, making it easier for them to carry out malicious activities like installing malware or creating backdoors without detection.

Therefore, any attack aimed at obtaining elevated privileges using SSH will be more successful if root login is enabled. Disabling root login via SSH significantly reduces the risk of unauthorized access and malicious attacks.

Understanding SSH Root Login

Secure Shell (SSH) is a protocol that enables secure communication between different systems, allowing users to establish and maintain remote connections to Linux servers. SSH root login refers to the process of logging in as a root user via SSH.

The root user has complete system-level access, which means they can make changes to any part of the system. However, this also means that if someone gains unauthorized access to your root account, they will have full control over your system.

Preparing for Disabling Root Login

In order to proceed with disabling root login via SSH, it is important to prepare and set up the system properly. Before we begin, it is a good idea to check the current settings of your system and create a new user account that will be used as an alternative to the root account.

Checking current settings to see if root login is enabled or disabled

The first thing you need to do is check whether root login is currently enabled or disabled on your system. To do this, open a terminal and type the following command −

sudo grep PermitRootLogin /etc/ssh/sshd_config      

If the output of this command is "PermitRootLogin yes", then root login is currently enabled on your system. If it says "PermitRootLogin no", then you are already safe from this security risk. A line that begins with # is commented out and has no effect.

Creating a new user account with sudo privileges as an alternative to using the root account

Because of the security risks, it's never a good idea to use the root account for everyday work unless absolutely necessary. A better practice is to create another user with administrative privileges whose username is not 'root'.

This will provide an added layer of security in case someone manages to gain unauthorized access through other means. To create such an account, run the following command −

sudo adduser <username>     

This creates a new user with regular privileges and no administrative rights yet. The next step is to add this user to the sudo group, which the sudoers file authorizes to run sudo (superuser) commands. To grant the new user administrative privileges from the terminal, run the following command −

sudo usermod -aG sudo <username>   

After you create the new user, make sure to log out and log back in with your new account. You can use this account to perform daily operations as well as administrative tasks which require sudo privileges.

It is always easier to disable or delete a compromised user account than it is to do the same for the root account. With these preparatory steps taken care of, we are ready to move on to disabling root login via SSH.

Disabling Root Login via SSH

Editing the file using a text editor

The first step in disabling root login via SSH is to open the sshd_config file. This file is usually located in the /etc/ssh/ directory. Open the terminal and enter the following command −

sudo nano /etc/ssh/sshd_config   

This command will open the sshd_config file in a text editor called "nano" with superuser privileges. It's important to use sudo for this process, as you need administrative access to edit and save the changes.

Changing the PermitRootLogin setting from "yes" to "no"

Once you have opened the sshd_config file, look for a setting called PermitRootLogin. By default, this setting is usually set to "yes", which means that root login via SSH is allowed. You need to change this setting to "no".

Simply edit this line by changing yes to no.

#PermitRootLogin yes 

PermitRootLogin no

This disables root login through SSH and only allows other users with sudo privileges access.

Saving and closing the file

To save your changes, press CTRL + O, then the ENTER (Return) key. To exit the nano text editor, press CTRL + X.

Restarting the SSH service

The final step after editing sshd_config is to restart the SSH service so that it applies the changes we made. Use the following command −

sudo systemctl restart sshd.service 
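The check and the edit described in this guide, scripted as an added example (not code from the original guide): it reads the first uncommented PermitRootLogin line rather than every grep match, counts Match blocks that would re-enable root, and goes slightly beyond the manual edit by keeping a backup. The function names and the sample configuration are constructed for illustration; the script assumes keyword and value are separated by whitespace and does not follow Include files.

```shell
#!/bin/sh
# Added example; function names are hypothetical. $1 is an sshd_config-style file.

# Value sshd takes from this file: the first uncommented PermitRootLogin before
# any Match block (the first obtained value wins). Prints "unset" if none.
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Number of PermitRootLogin lines inside Match blocks whose value is not "no";
# such a line can re-enable root login for the clients the block matches.
match_overrides() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { in_match = 1; next }
        in_match && tolower($1) == "permitrootlogin" && tolower($2) != "no" { n++ }
        END { print n + 0 }
    ' "$1"
}

# Keep FILE.bak, comment out active global PermitRootLogin lines, and put
# "PermitRootLogin no" on line 1 so it is the first value sshd reads.
disable_root_login() {
    cp -p "$1" "$1.bak" || return 1
    awk '
        BEGIN { print "PermitRootLogin no" }
        tolower($1) == "match" { in_match = 1 }
        !in_match && tolower($1) == "permitrootlogin" { print "#" $0; next }
        { print }
    ' "$1.bak" > "$1"
}

# Constructed sample configuration, not taken from a real host.
write_sample() {
    printf '%s\n' '#PermitRootLogin no' 'Port 22' 'permitrootlogin YES' \
        'Match Address 192.0.2.0/24' '    PermitRootLogin yes' > "$1"
}

f=$(mktemp) && write_sample "$f"
echo "before: $(effective_root_login "$f"), match overrides: $(match_overrides "$f")"
disable_root_login "$f"
echo "after:  $(effective_root_login "$f"), match overrides: $(match_overrides "$f")"
rm -f "$f" "$f.bak"
```

On a live host, `sudo sshd -t` checks the edited file for syntax errors before the restart, and `sudo sshd -T | grep -i permitrootlogin` prints the value the daemon will actually use, including any Include files.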

Testing the Changes Made

After completing the steps of disabling SSH root login in Linux, it is essential to verify that changes were made successfully. Verifying these changes can be done by attempting to log in as a root user through SSH using a terminal or SSH client.

Verifying the Changes

First, try to SSH into your server from the command line or an SSH client. When prompted for credentials, type in "root" as the username and the corresponding password. If you are unable to log in with your root account via SSH, this indicates that you have successfully disabled root login for SSH access.

If the change was successful, you should see a message indicating that access was denied due to incorrect credentials. It's important not to leave any loopholes behind when securing your system from unauthorized access, and disabling root login via SSH is one of the most critical steps towards achieving this goal.

Conclusion

In this guide, we've covered the importance of disabling root login through SSH in Linux. Allowing root login can pose significant security risks by providing potential attackers with a direct path to gaining access to your system.

Disabling root login is a simple yet crucial step in securing your server and its data. By disabling root login, you force attackers to work harder in their attempts to gain access.

Updated on: 11-Jul-2023
