If you are running a server or a cloud instance, you must know that remote access is essential to manage it. And regarding remote access, SSH (Secure Shell) is the go-to protocol for many. SSH provides encrypted and secure communication between the client and the server, and it is widely used for remote shell access, file transfer, and tunneling.
However, as with any remote access, it also poses security risks. One of the most significant security threats is the possibility of brute-force attacks on the SSH daemon. And, as the root account has unlimited privileges, it is a primary target of such attacks.
To mitigate this security risk, it is recommended to disable root login in SSH. In this article, we will discuss how to do this on various operating systems, including Linux, macOS, and Windows.
Why Disable Root Login in SSH?
As mentioned earlier, the root account has unlimited privileges, which makes it an attractive target for attackers. If an attacker can gain access to the root account, they can compromise the entire system. Disabling root login in SSH is an essential step in securing your server or cloud instance against unauthorized access.
When you disable root login in SSH, you force users to log in using their own accounts and elevate their privileges using the sudo
command. This way, even if an attacker manages to gain access to a user account, they won’t have unlimited privileges.
Disabling Root Login in SSH on Linux
Most Linux distributions come with SSH installed by default. To disable root login in SSH on Linux, follow these steps:
- Log in to your server as the root user.
- Open the SSH configuration file
/etc/ssh/sshd_config
using a text editor. For example, you can use thenano
editor:
nano /etc/ssh/sshd_config
- Find the line that says
PermitRootLogin yes
and change it toPermitRootLogin no
. If the line is commented out, remove the#
character at the beginning of the line. - Save the changes to the file and exit the editor.
- Restart the SSH daemon to apply the changes:
systemctl restart sshd
That’s it! Now, root login is disabled in SSH, and users will have to log in using their own accounts and elevate their privileges using sudo
.
Disabling Root Login in SSH on macOS
macOS also comes with SSH installed by default. To disable root login in SSH on macOS, follow these steps:
- Open the Terminal app.
- Edit the SSH configuration file
/etc/ssh/sshd_config
using a text editor. For example, you can use thenano
editor:
sudo nano /etc/ssh/sshd_config
- Find the line that says
PermitRootLogin yes
and change it toPermitRootLogin no
. If the line is commented out, remove the#
character at the beginning of the line. - Save the changes to the file and exit the editor.
- Restart the SSH daemon to apply the changes:
sudo launchctl stop com.openssh.sshd
sudo launchctl start com.openssh.sshd
That’s it! Now, root login is disabled in SSH on your macOS machine.
Disabling Root Login in SSH on Windows
Windows does not come with SSH installed by default. However, you can install SSH using the OpenSSH client and server for Windows.
To disable root login in SSH on Windows, follow these steps:
- Open the OpenSSH configuration file
sshd_config
using a text editor. The file should be located at C:\ProgramData\ssh\sshd_config`. - Find the line that says
PermitRootLogin yes
and change it toPermitRootLogin no
. If the line is commented out, remove the#
character at the beginning of the line. - Save the changes to the file and exit the editor.
Restart the OpenSSH server to apply the changes:
net stop sshd net start sshd
That’s it! Now, root login is disabled in SSH on your Windows machine.
Conclusion
In this article, we discussed how to disable root login in SSH on Linux, macOS, and Windows. Disabling root login in SSH is an essential step in securing your server or cloud instance against unauthorized access. By forcing users to log in using their own accounts and elevate their privileges using sudo
, you reduce the attack surface and limit the damage that can be done by attackers.
Remember that securing your server or cloud instance is an ongoing process, and you should regularly review and update your security measures to stay ahead of potential threats. If you want to learn more about SSH and security best practices, check out the following external resources:
📕 Related articles about Linux
- How to show running processes in Linux
- How to Connect to SSH Server: A Comprehensive Guide for Software Developers
- How to Remove an Existing User in Linux
- How to create new user in Linux
- How to check 3D acceleration in Linux
- How to remove user from groups in Linux