In this Linux tutorial, you will learn how to disable SSH Root Login in Rocky Linux 9 or other Red Hat based Linux distributions.
Table of Contents:
What is SSH? :
SSH stands for Secure Shell. It is a network protocol that provides a secure way for remote access and management of network devices and systems. It allows users to securely log in to a remote computer over a network, execute commands on the remote machine, and transfer files between the local and remote machines.
SSH encrypts all the data transmitted between the client and server, preventing any unauthorized access to the information. This makes it a secure and reliable method for remote access and management of network systems.
SSH uses a client-server model, where the client initiates a connection to the server, and both parties authenticate each other using digital certificates or passwords. Once the connection is established, the client can securely communicate with the server over the encrypted tunnel.
SSH is widely used for remote server administration, file transfers, and tunneling applications. It is supported by most operating systems, including Windows, Linux, and macOS.
Create a Linux Admin User:
By using ssh command, login to your Rocky Linux server as root user.
# ssh root@192.168.116.128 The authenticity of host '192.168.116.128 (192.168.116.128)' can't be established. ED25519 key fingerprint is SHA256:0HIa3JkQYbEmBNv/W6RyztUXEmxtgCheMZSSErNWi5E. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.116.128' (ED25519) to the list of known hosts. root@192.168.116.128's password: Last login: Thu May 4 08:40:40 2023 from 192.168.116.1
Create a Linux Admin user as an alternative to root user.
You can this new admin user for SSH sessions, after disabling the super-admin user.
Execute following commands at Linux terminal to create a Linux admin user and set a password for it.
# adduser ahmer # passwd ahmer Changing password for user ahmer. New password: Retype new password: passwd: all authentication tokens updated successfully.
Edit /etc/sudoers file by using vim text editor or you can execute visudo command to do the same.
# visudo
Add following line in this file to grant sudo permissions to your Admin user.
ahmer ALL=(ALL) ALL
Disable SSH Root Logins:
SSH configuration files are located in /etc/ssh directory.
Edit 01-permitrootlogin.conf file by using vim text editor. The file is already existed on a minimal installed Rocky Linux 9 operating system. For other Linux distributions you may need to create this file.
# vi /etc/ssh/sshd_config.d/01-permitrootlogin.conf
Locate and set following directive in this file.
PermitRootLogin no
Restart SSH Daemon to load configuration changes.
# systemctl restart sshd.service
Now, try to create a SSH session as root user.
# ssh root@192.168.116.128
root@192.168.116.128's password:
Permission denied, please try again.
A 'Permission denied' message confirms that the SSH root logins has been disabled successfully. However, you can still obtain a SSH Shell by using the alternate Admin user that you have created at the start of this tutorial.
Conclusion:
In this Linux tutorial, you have learned how to disable SSH Root login on Rocky Linux 9 or other Red Hat based Linux distributions. If you are new to Linux command-line, then we suggest that you should attend online training: Linux command line for beginners
