Linux: Openssh (ssh server) deny root user access
Q. How do I block access to root user over ssh session?
A.. sshd (OpenSSH Daemon) is the daemon program for ssh. Server side ssh configuration is defined in /etc/ssh/sshd_config file.
You need to use DenyUsers option to block access to root user.
This option can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts.
Open /etc/ssh/sshd_config file
Use vi command:
# vi /etc/ssh/sshd_config
Deny root user access
Append or modify as follows to block root user:
DenyUsers root
If you want to block additional user just append names to DenyUsers
DenyUsers root, user2, user3
Save and close the file. Restart sshd service:
#/etc/init.d/sshd restart
Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
Related Other Helpful FAQs:
- How do I block an IP on my Linux server?
- Install OpenSSH Server on Asus EEE PC
- Allow root account to use SSH (openssh)
- Ubuntu Linux: Start / stop / restart OpenSSH / ssh server
- How to: Turning off SFTP server under Linux / UNIX cpanel server
Discussion on This FAQ
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: block_root_user, config, logins, openssh, restart_sshd, root_user, sshd, ssh_server, vi_command
August 28th, 2007 at 9:42 am
in /etc/ssh/sshd_config
setting this:
PermitRootLogin no
should also do the same thing, but denyusers works too