On 12/18/23 21:53, Keith Wright via WLUG wrote:
Does anyone know a quick and easy way to [disallow root login via SSHD]?
I don't think root lockout is enabled by default in Debian. It isn't disabled in the source distribution of OpenSSH-9.6p1, which I just checked. In some popular Linux distros the installation process doesn't ask for a root password, leaving root locked out that way. To disallow root SSH login, edit your /etc/ssh/sshd_config file, and add a line: PermitRootLogin no to the file. There should be a commented default setting about 120 lines down into the config file. Just add the "PermitRootLogin no" line in that region. Alternativly, you can create a new file, perhaps named /etc/ssh/sshd_config.d/no-root-ssh.conf and put the "PermitRootLogin no" line in there. The filename doesn't matter, but whatever name you do chose the filename must end in ".conf" or it will be ignored. Once you've created this file, you'll need to restart the SSHD using: service sshd restart or any of the other normal methods for doing that. --MCV. On 12/18/23 21:53, Keith Wright via WLUG wrote:
I don't remember why I thought that. Maybe it was a decade ago and on a different distribution. I am using Debian.
Does anyone know a quick and easy way to make it so?