Howto: Disable root login on a server?

How to disable root login and create an alternate SSH user? In order to disable root access on your server, you need to create an alternate SSH user who have privileges to gain root access else you will be locked out of the system.

First, create a user say¬† ‘admin’

# useradd admin

Set a password for the new user

# passwd admin

By default, this user will have privileges to su to root but in case of a cPanel server, you need to add the user in the ‘wheel’ group.

WHM >> Security Center >> “Manage Wheel Group Users”

Once the user is created, follow the steps to disable the root access:

1) Edit the SSHD configuration file ‘sshd_config’:

pico /etc/ssh/sshd_config

2) Search the line

PermitRootLogin yes
and change it to
PermitRootLogin no

Once you are complete with the above changes, save the file and exit. You will have to restart the sshd service for the changes to take effect.

service sshd restart

Now, you will have to SSH to your server as user ‘admin’ and then su to root as follows:

login as: admin
admin@xx.xx.xx.xx’s password:
<admin pass here>
[admin@server ~]$ su –
<root password here>
[root@server ~]#

This entry was posted on Sunday, September 13th, 2009 and is filed under Linux Administration. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.