In this Linux tutorial, you will learn how to disable SSH Root Login in Rocky Linux 9 or other Red Hat based Linux distributions. #centlinux #linux #ssh
SSH stands for Secure Shell. It is a network protocol that provides a secure way for remote access and management of network devices and systems. It allows users to securely log in to a remote computer over a network, execute commands on the remote machine, and transfer files between the local and remote machines.
SSH encrypts all the data transmitted between the client and server, preventing any unauthorized access to the information. This makes it a secure and reliable method for remote access and management of network systems.
SSH uses a client-server model, where the client initiates a connection to the server, and both parties authenticate each other using digital certificates or passwords. Once the connection is established, the client can securely communicate with the server over the encrypted tunnel.
SSH is widely used for remote server administration, file transfers, and tunneling applications. It is supported by most operating systems, including Windows, Linux, and macOS.
Read Also: How to Disable SSH Login for root CentOS 8
SSH root login refers to the ability to log in directly to a system as the root user using the SSH protocol. The root user is the superuser or administrative account in Unix-like operating systems, including Linux. It has unrestricted access to all files and commands on the system, making it extremely powerful and potentially dangerous if misused.
Enabling SSH root login means allowing direct access to the root account over a network using SSH. However, it is generally considered a security risk to allow SSH root login for several reasons:
For these reasons, it’s recommended to disable SSH root login and instead use SSH key-based authentication or enforce the use of individual user accounts with sudo privileges for administrative tasks. This helps enhance the security posture of the system and mitigate the risk of unauthorized access or accidental damage.
By using ssh command, login to your Rocky Linux server as root user.
# ssh root@192.168.116.128 The authenticity of host '192.168.116.128 (192.168.116.128)' can't be established. ED25519 key fingerprint is SHA256:0HIa3JkQYbEmBNv/W6RyztUXEmxtgCheMZSSErNWi5E. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.116.128' (ED25519) to the list of known hosts. root@192.168.116.128's password: Last login: Thu May 4 08:40:40 2023 from 192.168.116.1
Create a Linux Admin user as an alternative to root user.
You can this new admin user for SSH sessions, after disabling the super-admin user.
Execute following commands at Linux terminal to create a Linux admin user and set a password for it.
# adduser ahmer # passwd ahmer Changing password for user ahmer. New password: Retype new password: passwd: all authentication tokens updated successfully.
Edit /etc/sudoers file by using vim text editor or you can execute visudo command to do the same.
# visudo
Add following line in this file to grant sudo permissions to your Admin user.
ahmer ALL=(ALL) ALL
SSH configuration files are located in /etc/ssh directory.
Edit 01-permitrootlogin.conf file by using vim text editor. The file is already existed on a minimal installed Rocky Linux 9 operating system. For other Linux distributions you may need to create this file.
# vi /etc/ssh/sshd_config.d/01-permitrootlogin.conf
Locate and set following directive in this file.
PermitRootLogin no
Restart SSH Daemon to load configuration changes.
# systemctl restart sshd.service
Now, try to create a SSH session as root user.
# ssh root@192.168.116.128 root@192.168.116.128's password: Permission denied, please try again.
A ‘Permission denied’ message confirms that the SSH root logins has been disabled successfully. However, you can still obtain a SSH Shell by using the alternate Admin user that you have created at the start of this tutorial.
In this Linux tutorial, you have learned how to disable SSH Root login on Rocky Linux 9 or other Red Hat based Linux distributions. If you are new to Linux command-line, then we suggest that you should attend online training: Linux command line for beginners
Puppy Linux is a fast, lightweight OS designed for speed and simplicity, perfect for old…
Learn how to change Apache document root in Linux by following this step-by-step guide. Adjust…
Discover how to change Apache port in Linux easily. Follow our simple guide to modify…
Learn how to create a virtual host in Apache Server with this comprehensive guide. Set…
Discover 10 practical tasks for the RHCSA exam with step-by-step solutions. Boost your Linux skills…
Discover the ultimate Fail2ban configuration guide. Learn how to set up, customize, and optimize Fail2ban…
This website uses cookies.