Disable or Restrict Root Login via SSH on Linux

Allowing root login over SSH is commonly considered a poor security practice throughout the tech industry. Instead, you could perform sensitive administrative tasks by connecting with a user account and executing commands using sudo.

Disable root access

View the contents of the SSH configuration file using the following command.

cat /etc/ssh/sshd_config

In this file you will find the following line:

#PermitRootLogin no

Un-comment the line using your desired editor. Then restart the SSH service for the changes to take effect.

/etc/init.d/ssh restart

Please note that login to the root account will still be possible via the Vultr console.

Restrict root access by IP address

As previously mentioned, a good security practice is to not allow root access via SSH at all. However if root access is absolutely necessary, you can restrict it by IP address.

To restrict root access to a specific IP address add the following line to the sshd_config file (substitute xxx.xxx.xxx.xxx for the IP address).

AllowUsers [email protected]

Restart the SSH service for the changes to take effect.

/etc/init.d/ssh restart
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Choosing an OS: CentOS, Ubuntu, Debian, FreeBSD, CoreOS, or Windows Server

Choosing an OS for your server can be difficult. You're aware that it's important to choose a...

What Ports Are Blocked?

Vultr blocks several ports that are commonly abused for DDOS attacks: TCP & UDP port 17...

Configuring Private Network

If you're assigning a private network to an existing machine (or deploying your own operating...

Configuring Static Networking and IPv6 on CentOS 7

VULTR has recently made changes on their end, and everything should now work fine 'out of the...

How Do I Generate SSH Keys?

An SSH Key allows you to log into your server without needing a password. SSH Keys can be...

Powered by WHMCompleteSolution