Linux systems have a root account that is enabled by default. Unauthorized users gaining root access to the system can be really dangerous.
We can disable or enable the root login for SSH as per our requirements to prevent the chances of an attacker getting access to the system.
We need two Linux systems to be used as server and client. On the server system, install the openssh-server package, as shown in the previous recipe.
First, we will see how to disable SSH root login and then we will also see how to enable it again:
- First, open the main configuration file of SSH,
/etc/ssh/sshd_config
, in any editor:
sudo nano /etc/ssh/sshd_config
- Now look for the line that reads as follows:
PermitRootLogin yes
- Change the value
yes
tono
. Then save and close the file:
PermitRootLogin no
- Once done, restart the SSH daemon service using the following command:
- Now let's try to log in as root. We should get an error:
"Permission Denied"
This is...