SSH direct root logins

audrey · Sep 24, 2020

Hi

In the Web Host Managers I have
SSH Password Authorization Tweak set to disabled
and I have tested and all SSH logins for all users and root
for password authentication are actually disabled
(ssh key access is working fine)

In WHM Security Advisor
it says
SSH direct root logins are permitted.
and I am wondering -
How important is it for me to
Manually edit /etc/ssh/sshd_config and change PermitRootLogin to “without-password” or “no”
since
having Password Authentication disabled essentially accomplishes the same thing.

Thanks for your advice
Audrey

cPSamuelM · Sep 25, 2020

Hello @audrey

The "SSH Password Authorization Tweak" sets the following line in /etc/ssh/sshd_config:

PasswordAuthentication no

It's not necessary to also update the PermitRootLogin option, as setting PasswordAuthentication no requires key-based authentication for the root user.

Keep in mind however, that if you want to enable password-based authentication for any other SSH users on the server, setting PasswordAuthentication yes would enable password-based logins for the root user. It would be prudent, but not necessary, to set the PermitRootLogin line to PermitRootLogin without-password now in case you ever need to change the PasswordAuthentication at some point in the future.

I hope you find this helpful!

audrey · Sep 26, 2020

Thanks Samuel

Have a great weekend

Take care
Audrey

Thread starter	Similar threads	Forum	Replies	Date
	i cant change sshd_config. ssh direct root logins are permitted.	Security	1	Feb 5, 2021
C	error: rexec of /usr/sbin/sshd failed: No such file or directory	Security	4	Sep 2, 2020
N	SSH direct root logins are disabled	Security	2	Apr 22, 2015
	SSH direct root logins are permitted	Security	12	Nov 21, 2014
P	SSH direct root logins are permitted	Security	5	Nov 26, 2013

Search

Search

SSH direct root logins

audrey

Well-Known Member

cPSamuelM

Technical Analyst Team Lead

audrey

Well-Known Member