Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SSH direct root logins are disabled

Discussion in 'Security' started by Nirjonadda, Apr 22, 2015.

  1. Nirjonadda

    Nirjonadda Well-Known Member

    May 8, 2013
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator

    I have recently disabled SSH direct root logins on my server as some one suggested to do so because i had many security issues.How ever my new problem is now I'm not able to access SSH server anyway.

    When i try to use Putty, i get this error
    "Server refused public-key signature despite accepting key!"
    So basically now i cannot login to SSH via username/password or by the public/private key.
    Also i cannot login via WinSCP or any other tool. It says "Access denied"

    The only way i can get in to my server is via WHM / Web browser.

    So my question is
    * Is there any way to get in to my server root files without SSH? If yes i can remove the SSH direct login restriction.
    * Why WinSCP or Putty not working from public/private keys?

    Thank you very much
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. quizknows

    quizknows Well-Known Member

    Oct 20, 2009
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    If you have any way to (or can ask your host to), change the sshd_config setting for PermitRootLogin from "no" to:

    PermitRootLogin without-password

    This will let key based logins work without allowing password logins for root.
    JonTheWong likes this.
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator

    You may want to try running a temporary instance of SSH to see if it allows you to access your server to investigate:

    You would replace "IP" with the server's IP address and the session number with what's displayed in your address bar. Note that this is simply a temporary instance of SSH so you can login and determine what's wrong with the standard SSH service. Then, use the following guide to update your SSH configuration:

    SSH Hardening Guide

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice