How do I disable remote SSH login as root from a server?

root server accounts remote-access

For security purposes my company wants me to not allow anyone to be able to log into our Ubuntu server as root remotely over SSH. We still want the root account to exist, we just do not want it to be able to be logged into remotely. How would I accomplish this?

Thank you very much in advance for your time.


Solution 1:

I assume you meant logging in over SSH? Put the following line to /etc/ssh/sshd_config:

PermitRootLogin no

If you want to deny certain users from logging in, put this in the configuration file:

DenyUsers root

This takes the blacklisting approach. Whitelisting is generally preferable. If your company needs to allow the rob and admin users log in on the server, use the following configuration directive:

AllowUsers rob admin

After making configuration file changes, restart the ssh service using the command:

sudo service ssh restart

See also the manual page.

Solution 2:

Edit the file /etc/ssh/sshd_config, look for

PermitRootLogin

and set it to no.

Related

How do I remove an icon from the top panel in GNOME Fallback mode?
VirtualBox 4.12 Shared clipboard not working in Ubuntu14.04
Terminal command with sudo takes a long time
How do I upgrade Gradle?
Change default width of gnome-terminal and terminator windows
How to display more than 1 terminal simultaneously
How to install Terraform in Ubuntu
Nginx installation error in Ubuntu 16.04
Changing Ownership: "Operation not permitted" - even as root!
What is the difference between upstream and downstream when referring to who to go to as a developer?
How do I extract a password protected .7z file?
What is the correct pronunciation of 'Ubuntu'?