Securing SSH - morgan-hanrahan/Tech-Journal GitHub Wiki

Disabling SSH Root User Access

1. Login to the dhcp01 on PuTTY
2. Open the ssh config file to edit:
   • sudo vi /etc/ssh/sshd_config
3. In the file, search for the PermitRootLogin line
   • delete the # in the beginning of the line
   • change it to say PermitRootLogin no
4. After the changes are saved you must restart the service
   • systemctl restart sshd

When the root can't login anymore, we can capture the failure in the logs. This is accomplished by running the command:

• cat /var/log/secure | grep "not met"
  • make sure you are in root when you do this