Linux Server setup

Deny root login

By installing Ubuntu Server Live, the root user is locked for logins by default.

This subchapter can be skipped.

Continue to Deny password based login.

The root user should no longer be able to log in directly. If we want to act in the future times as root user, we can log in with another user and change over the terminal to the root. But usually the sudo keyword is quite sufficient to make all the necessary settings on the server.

Let's open the SSH configuration again:


__$ sudo nano /etc/ssh/sshd_config
 

PermitRootLogin we comment in and set the value to no. This prevents the root user from logging in externally.

Excerpt from /etc/ssh/sshd_config


...
PermitRootLogin no
...

After saving, we restart the SSH service again:


__$ sudo systemctl restart sshd
 

To make sure that everything is configured correctly, you can try to log in as root without a key file.