On every Linux system, the user “root” is created as the first user by default. The root user has the highest privileges and has full access to all commands and files with unlimited read, write and execute permissions. It is important to note that improper or inappropriate use of this user account can have a significant impact on your server.
In this tutorial, you will learn how to disable root login on an Ubuntu system to prevent unauthorized root access via SSH and improve the security of your Linux system.
Disable root login
sudo nano /etc/ssh/sshd_config
...
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
...
Change the value of the PermitRootLogin setting from yes to no:
...
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
...
Save and close the file.
Use the following command to restart the SSH service and apply the settings:
sudo systemctl restart sshd
This command restarts the sshd service with systemctl.
In this step, we changed the configuration file to deny root logins, restarted the sshd service to apply the configuration. Next, test whether root login is disabled or not by trying to log in to your server as root.
Test root login
After you disable root login, try to log in as root in a new terminal session using SSH. Use the following commands depending on your preferred login mechanism.
If you use the password-based login:
ssh root@server_ip
The attempt to SSH as root will fail with an error message like this:
root@server_ip: Permission denied (publickey).