Disable SSH Root Login

Up to now, the SSH program (PuTTY) and the Webmin Control Panel have been installed on my local computer. These two basic tools should be enough to administer the Linux server remotely. It’s time to consider disabling SSH root login to the Linux server.

What Does Disabling SSH Root Login Mean?

It simply means not allowing anyone to log in to the Linux server directly as root. In other words, only the admin user is allowed to log in to the Linux server. If the admin user needs to switch to the root superuser to do something, he can use the “su -” command. Therefore, two separate passwords are required:

  1. admin user password
  2. root user password

Why Disable SSH Root Login?

As you may have noticed, I used root to log in to my Linux server with SSH (PuTTY) and Webmin in previous articles. Using the root account to log in to the server directly is a major security issue.

Why? Because:

  • other staff behind me may see the password,
  • hackers may use some software to guess the root password. However, if SSH root login is disabled, this will force the hackers to guess two separate passwords to gain root access.

Note:

  • It is also better to force the use of SSH protocol 2, a newer and more secure SSH protocol.
  • If your Linux server is using cPanel, make sure you add your admin user to the ‘wheel’ group so that you will be able to ‘su -’ to root; otherwise you may lock yourself out of root.

    cPanel wheel group
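
The script below is an added example, not part of the original article: it audits an sshd_config for the points above (root login, protocol version, wheel membership). The function names and the sample configuration are constructed for illustration; `PermitRootLogin` and `Protocol` are standard OpenSSH keywords, and `Match` blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the original article). Audits the global section of
# an sshd_config for the settings discussed above.

# effective_value FILE KEYWORD: print the first uncommented value, lowercased
# (sshd uses the first occurrence of a keyword). Stops at the first Match block.
effective_value() {
    awk -v key="$2" '
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        { split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "match" { exit }
        tolower(f[1]) == tolower(key) { print tolower(f[2]); exit }
    ' "$1"
}

# audit_sshd FILE "GROUPS": GROUPS is the admin user's group list, e.g. the
# output of `id -nG admin`. Returns 0 only if nothing needs fixing.
audit_sshd() {
    rc=0
    case "$(effective_value "$1" PermitRootLogin)" in
        no) echo "OK   root login over SSH is disabled" ;;
        "") echo "WARN PermitRootLogin not set; default depends on OpenSSH version"; rc=1 ;;
        *)  echo "FAIL root login over SSH is still allowed"; rc=1 ;;
    esac
    case "$(effective_value "$1" Protocol)" in
        2)  echo "OK   protocol 2 only" ;;
        "") echo "INFO Protocol not set (OpenSSH 7.4+ serves protocol 2 only)" ;;
        *)  echo "FAIL SSH protocol 1 is still enabled"; rc=1 ;;
    esac
    case " $2 " in
        *" wheel "*) echo "OK   admin user is in wheel" ;;
        *) echo "FAIL admin user is not in wheel; 'su -' may be refused"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample configuration, as it might look before the change.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin no
Protocol 2,1
PermitRootLogin yes
EOF
audit_sshd "$sample" "admin users" || echo "=> fix the FAIL lines before logging out"
rm -f "$sample"
```

On a real server, run it as `audit_sshd /etc/ssh/sshd_config "$(id -nG youradmin)"` from a session you keep open until a second login as the admin user and `su -` both succeed.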


2 Responses

  1. Tula Rodriguel says:

    I haven’t checked in here for quite some time mainly because I thought it was getting dull, however the last small number of articles are really high quality so I guess I will add you back to my everyday bloglist. You deserve it my friend.

  2. Tristen says:

    Cool blog!
