SSH direct root logins
Hi
In the Web Host Managers I have
SSH Password Authorization Tweak set to disabled
and I have tested and all SSH logins for all users and root
for password authentication are actually disabled
(ssh key access is working fine)
In WHM Security Advisor
it says
SSH direct root logins are permitted.
and I am wondering -
How important is it for me to
Manually edit /etc/ssh/sshd_config and change PermitRootLogin to "without-password" or "no"
since
having Password Authentication disabled essentially accomplishes the same thing.
Thanks for your advice
Audrey
-
Hello @audrey The "SSH Password Authorization Tweak" sets the following line in /etc/ssh/sshd_config: PasswordAuthentication no
It's not necessary to also update the PermitRootLogin option, as settingPasswordAuthentication no
requires key-based authentication for the root user. Keep in mind however, that if you want to enable password-based authentication for any other SSH users on the server, settingPasswordAuthentication yes
would enable password-based logins for the root user. It would be prudent, but not necessary, to set the PermitRootLogin line toPermitRootLogin without-password
now in case you ever need to change the PasswordAuthentication at some point in the future. I hope you find this helpful!0 -
Thanks Samuel Have a great weekend Take care Audrey 0
Please sign in to leave a comment.
Comments
2 comments