Introduction
Remote root login allows you to connect to your server from another location, providing flexibility and convenience using superuser account details. However, this access presents security risks if not properly managed. Disabling remote root login can help protect your server from unauthorized access and potential attacks.
This article shows you how to disable remote root login on Ubuntu 24.04.
Prerequisites
Before you begin, ensure you've:
- An Ubuntu 24.04 server. We recommend a Digital Ocean VPS server.
- A non-root user with
sudoprivileges. Read our guide onHow to Create a Non-Root Sudo User on Ubuntu 24.04.
Edit the SSH Configuration File
In this section, you will edit the SSH configuration file to disable remote SSH login.
-
Open the SSH configuration file using
nanotext editor.CONSOLE$ sudo nano /etc/ssh/sshd_config -
Find the line that starts with
PermitRootLogin.INIPermitRootLogin yes -
Change the
PermitRootLogindirective value tonoto disable root login via SSH.INIPermitRootLogin no -
Restart the SSH service to apply the new configurations
CONSOLE$ sudo systemctl restart ssh
Verify the Configuration
In this section, you will verify that remote root login is disabled.
-
Use your SSH client, such as PuTTY in Windows or OpenSSH in Linux and macOS and attempt to log in to your server using the
rootuser's credentials.CONSOLE$ ssh root@your_server_ipYou should see a message indicating that the connection is refused or that authentication has failed, confirming you've disabled the remote root login.
Conclusion
You have disabled remote root login on your Ubuntu 24.04 server. This guide covered editing the SSH configuration file, restarting the SSH service, and verifying the configuration. Disabling remote root login enhances the security of your server by preventing unauthorized access. You can now manage your server through SSH using a non-root user with sudo privileges. Consider regularly reviewing and updating your security settings to maintain a secure server environment.