Disable SSH Root Logins on RHEL

April 30, 2007 | Filed Under All Stories, Data and Technology 

For one reason or another RHEL does not disallow incoming ssh connections as root. This is, of course a glaring security problem which should be addressed for all systems that allow ssh connections to be made from any but the most restricted networks.

The best practice, of course, would be to make the initial ssh connection as an unprivileged user and then use the “su” command to promote yourself to root. This way, even if an attacker managed to get into the system, it would be as an unprivileged user and they would not able to do much harm. Allowing incoming ssh connections at root leaves you much more exposed to attack. Granted your root password is still protecting you, but it becomes your only layer of defense.

Ok, so how do we disallow incoming ssh connections as root on our RHEL box?

First, edit “/etc/ssh/sshd_config”

Find the section of the file that looks like this:

# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

Change this line:
#PermitRootLogin yes

To this:
PermitRootLogin no

Restart sshd:
/sbin/service sshd restart

Tags: , , , , , , , , , , , , , ,

Related Articles:

Discuss This Article

One Response to “Disable SSH Root Logins on RHEL”

  1. Buzz on April 9th, 2008 4:51 am #

    Thanks for the info, the every handy google led me to this article.

    I should keep my own notes realy :P


Got something to say?






Post Tags (user submitted): t (364) - sshd_config root (55) - sshd root (40) - ssh_config root (40) - f (28) - rhel ssh (27) - turn off ssh (20) - ssh root (18) - sshd_config disable root (18) - how to disable ssh (18) - spiralbound net (18) - disallow root ssh (16) - disable ssh (14) - dropbear disable root login (13) - disable root login redhat (13) - sshd: root [net] (13) - turn off root ssh (12) - disable ssh redhat (12) - RedHat disable root login (12) - solaris ssh root (12) - redhat ssh root login (11) - rhel root login (11) - dropbear root login (11) - ssh root solaris (11) - RHEL4 SSH (10) - dropbear root (10) - connections (10) - RHEL SSH login without password (10) - sshd root login (9) - enable ssh RHEL (9) - linux disable ssh (9) - disabling ssh in linux (9) - RHEL5 ssh (9) - rhel 5 ssh (9) - SSH disable root (8) - sshd allow root (8) - rhel disable root login (7) - ssh rhel 4 (7) - solaris "root ssh" (7) - how to disable SSH in Linux (7) - disable ssh root login (7) - RHEL 5 disable root login (7) - ssh_config disable root (7) - rhel restart sshd (7) - rhel enable ssh (7) - how to enable ssh in rhel5 (7) - how to enable ssh redhat (7) - how to enable ssh in RHEL 5 (7) - enable ssh on RHEL (7) - disable root ssh (6) - ssh disallow root (6) - disable ssh authentication (6) - RHEL sshd (6) - disabling ssh access (6) - rhel disable root ssh (6) - enable SSH on RHEL 4 (6) - solaris allow root ssh (6) - how to enable ssh in rhel4 (6) - rhel4 sshd (6) - rhel ssh root (6) - how to disable ssh on linux (6) - dropbear disable root (6) - enabling ssh for root (6) - how to enable ssh in redhat linux (6) - sshd_config root login (6) - allow root to ssh (6) - disable ssh for root (6) - disable root login red hat (6) - enable ssh in redhat 4 (6) - redhat 5 ssh (6) - redhat enable root ssh (6) - ssh in RHEL (5) - disable ssh login (5) - how to enable ssh in redhat (5) - ssh disable (5) - restart sshd "rhel" (5) - RHEL ssh access (5) - enable root ssh (5) - sshd_config root disable (5) - ssh turn off password (5) - solaris ssh root login (5) - turn off ssh linux (5) - RHEL ssh enable (5) - redhat allow root ssh (5) - enable root login redhat (5) - disallow root login ssh (5) - ssh + rhel4 (5) - sshd_config disallow root (5) - redhat ssh root (5) - redhat enable ssh (5) - enable ssh redhat 5 (5) - how to enable ssh on RHEL4 (5) - enable ssh root redhat (5) - solaris 10 ssh root (5) - red hat enable ssh (5) - ssh as root solaris (5) - rhel4 enable ssh (4) - rhel winbind (4) - turn off ssh command (4) - ssh root disable (4) - restart ssh RHEL (4) - rhel 4 enable ssh (4) - turn off sshd (4) - ssh root lock (4) - enable root ssh redhat (4) - rhel5 disable root ssh (4) - how to enable ssh in RHEL ? (4) - how to enable ssh for root user (4) - restart ssh redhat (4) - enable ssh redhat (4) - rhel 4 ssh (4) - disable root access RedHat (4) - disable ssh on linux (4) - sshd_config rhel (4) - redhat disable ssh login (4) - disable root login rhel (4) - redhat root ssh login (4) - dropbear PermitRootLogin (4) - ssh disallow root login (4) - sshd_config allow root (4) - rhel sshd restart (4) - redhat enable ssh root (4) - how to enable SSH in Linux (4) - rhel 5 enable ssh (4) - disallow ssh for user (4) - disable root ssh RHEL (4) - RHEL5 enable ssh (4) - sshd_config disable root login (4) - linux disable ssh login (4) - ssh allow root (4) - ENable SSH in RHEL4 (4) - how to disable ssh in redhat (4) - disallow ssh access (4) - disable ssh password (4) - RHEL root ssh (4) - SSH RHEL (4) - root login + RHEL4 (4) - enable ssh in rhel (4) - how to enable ssh in red hat (4) - disallow ssh (4) - ssh_config root login (4) - turn off ssh password authentication in linux (4) - configure ssh in RHEL 4 (4) - enable SSH for root linux red hat (4) - all (3) - rhel enable service (3) - enable ssh on RHEL4 (3) - turn off ssh as root (3) - ssh root authentication (3) - ssh disable root connections (3) -