Your browser does not allow storing cookies. We recommend enabling them.


Configuring Root Logins

If you want to give someone permission to login directly to the root login account via Secure Shell, you can define three methods of control with the PermitRootLogin configuration parameter in the sshd2_config file:

The default value yes enables root logins with any authentication method:

PermitRootLogin     yes

Use the value no to disable all logins with root privileges:

PermitRootLogin     no

With the value nopwd root logins are allowed only when an authentication method other than password is used:

PermitRootLogin     nopwd

It is also possible to create a separate subconfiguration file for root. See Defining Subconfigurations for more information.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now