Ubuntu – How to disable remote SSH login as root from a server

accountsremote accessrootserver

For security purposes my company wants me to not allow anyone to be able to log into our Ubuntu server as root remotely over SSH. We still want the root account to exist, we just do not want it to be able to be logged into remotely. How would I accomplish this?

Thank you very much in advance for your time.

Best Answer

I assume you meant logging in over SSH? Put the following line to /etc/ssh/sshd_config:

PermitRootLogin no

If you want to deny certain users from logging in, put this in the configuration file:

DenyUsers root

This takes the blacklisting approach. Whitelisting is generally preferable. If your company needs to allow the rob and admin users log in on the server, use the following configuration directive:

AllowUsers rob admin

After making configuration file changes, restart the ssh service using the command:

sudo service ssh restart

See also the manual page.

Related Question