≡ Menu

Allow root account to use SSH (openssh)

Q. Previous admin blocked root access to ssh server. How do I allow root account access to ssh server?

A. Allowing direct root access over ssh is a security risk. However following steps will allow you to login as root over ssh session:

Open sshd_config file:
# vi /etc/ssh/sshd_config

Find out line that read as follows:
PermitRootLogin no
Set it as follows:
PermitRootLogin yes

Find out line that read as follows (this line may not exists in your configuration):
DenyUsers root user2 user3
Set is as follows:
DenyUsers user2 user3

Save and close the file. Restart the sshd:
# /etc/init.d/ssh restart

{ 14 comments… add one }

  • Mika April 13, 2007, 7:04 pm

    Your command for sshd is incorrect – should be:
    # /etc/init.d/sshd restart

    You were missing the “d” for sshd

    • Pouman November 14, 2013, 1:47 pm

      i guess you can also use : service sshd restart

  • nixCraft April 14, 2007, 8:59 pm


    It can be ssh or sshd – it depends upon your Linux distro. Redhat/CentOS/FC use sshd and ssh used by Debian or Ubuntu and so on..


  • Paul February 27, 2009, 9:27 pm

    Most people would be wanting to know how to enable this, to secure their boxes. Perhaps the unknown asker doesn’t know how to use sudo or su properly so that you can log in remotely via a safe, unprivileged user account and then, once the connection is secure, issue privileged commands or switch to a privileged account? Or perhaps s/he wishes to have unrestricted access to the computer with no tracking of who issued what commands?

    • Elgs February 13, 2014, 8:03 am

      Sometimes, people need more convenience than safety.

  • Nick Wierdo October 20, 2009, 12:15 am

    just do a ” svcadm restart ssh”

    • Luis García July 18, 2011, 12:20 pm

      That only would work on Solaris :-)

  • Rhea May 12, 2011, 9:57 am


    I wanted to enable root login via ssh in my server, but couldn’t see the below file on the server. Please help.


    • Radu April 23, 2012, 10:36 am

      One year late, but maybe it will be helpful for somebody else:
      it’s possible that you don’t see the sshd_config file because you don’t have the OpenSSH suite (or any other ssh servers) installed on the remote machine.

  • Benjy March 4, 2013, 4:09 am

    You also need to add root to Allowusers

  • Sorin April 18, 2013, 11:11 am

    Hi there :)

    how can you change sshd_config file to enable root ssh access, since you can not login to ssh with root?

    I can only login in ssh with a user password, i have the root password too but first i have to change that file wich is readonly and I can not change it, I tried “chmod a=rwx sshd_config” but “operation not permitted” ..


    • Aram Iskenderian June 14, 2013, 4:43 pm


      This assumes that you have local root access to your server. For Redhat based Linux, you ssh as a non-privileged user, su – and then you become root, and then apply the changes. For Debian based Linux, ssh as a non-privileged user, sudo -i become root, and then apply the changes.

      The whole point in disabling remote root access is to reduce the possibility of your server getting broken into if your root password is weak or server is not up to date in security/updated software.
      Remember not to enable this on a server that has Internet connection and can be reached over the Internet, unless you absolutely have to, and if you did, I strongly recommend tightening your iptables rules, and use something like fail2ban, along with log watch/snort, …etc.

  • Wojtek April 20, 2013, 7:06 pm

    Thanks, tips works on my Debian :).

  • Sirag January 31, 2015, 6:49 pm

    on Ubuntu 14.04.1 LTS \n \l /etc/init.d/ssh restart doens’t work, use instead:
    service ssh restart

Leave a Comment

   Tagged with: