Stop root to login via ssh

Posted: August 7, 2013 in Uncategorized

it’s not a good idea to give access for “root” direct login. The preferred method is login with a username and run “su” (Super User) to get the root access.  However, root can still login “from the local terminal”.

 To make this feature enable we need to modify sshd_conf with following changes.

 

1. Open /etc/ssh/sshd_config file with vim editor :-

 

[root@afzalkhan ~]#vim /etc/ssh/sshd_config

 

2. Make sure that below two mentioned flags are set with below value :-

 

Protocol 2

PermitRootLogin no

 Briefly about this parameters :-

 Protocol 2 : Protocol 2 the separate connection and authentication protocol are used

PermitRootLogin no : Disable root login via ssh. This will not allow root to connect using ssh protocol.

 

3. [root@afzalkhan ~]$ ssh -C root@192.168.0.50

root@192.168.0.50’s password:

Permission denied, please try again.

root@192.168.0.50’s password:

 

It will not allow root to direct login from remote host via ssh protocol.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s