How to Disable SSH Root Login in Linux?
Last Updated: 28 Apr, 2025
SSH (Secure Shell) is a network protocol that lets two computers on a network communicate with each other and share data. It is most useful for remote access to a machine, because it makes the machine reachable from anywhere. This article shows how to disable SSH root login in Linux.
Why Disable SSH Root Login?
Disabling SSH root login reduces the attack surface by preventing direct root access, a prime target for brute-force attacks, and limits the potential damage from compromised accounts.
1. Root is Hacker’s
The root account is the “admin” or “boss” of your Linux machine. Anyone logged in as root can:
- Delete or modify any file (even system-critical ones!).
- Install malware, ransomware, or spyware.
- Create secret backdoors for future attacks.
A hacker with root access can:
- Wipe your entire server in seconds with rm -rf /.
- Steal sensitive data (passwords, emails, credit card info).
- Use your machine to attack other computers.
2. Brute-Force Attacks
Brute-force attacks are like a robot trying every possible combination to guess your password.
- Default username: The username “root” exists on every Linux machine. Hackers don’t need to guess the username—they already know it!
- No login limits: Without protections, bots can try thousands of password guesses per hour.
3. Limit Damage
Even if a hacker breaches your system, disabling root SSH login acts like a firewall between them and total destruction.
Without root access, hackers can’t:
- Install malicious software system-wide.
- Access files outside the compromised user’s permissions.
- Change critical system settings (network, security, etc.).
Installation of Openssh-server and Openssh-client
Install the client version if the system only needs to connect to an available server over the network.
sudo apt install openssh-client
Install the server version if the system must be reachable by SSH clients across the network.
sudo apt install openssh-server
Edit SSH access
Before making changes, check if the SSH server is active:
sudo service ssh status
Disable root SSH login:
sudo gedit /etc/ssh/sshd_config
In the configuration file, find the PermitRootLogin line and change its value from "prohibit-password" to "no".
Now save the file and restart the SSH service using the command below:
sudo service ssh restart
You have now disabled root access over the SSH protocol.
Verify SSH Root Login Is Disabled
Verifying that you’ve successfully disabled root login is like testing a lock after changing it.
Step 1: Find Your Server’s IP Address
First, you need your computer’s IP address:
hostname -I
Step 2: Try Logging In as Root
Open a terminal on another computer (or your local machine) and type:
ssh root@your-server-ip
If you see an error like Permission denied (publickey,password), then your root login is disabled.
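A config-side check to go with the login test above, as an added example that is not part of the original article: sshd uses the first value it obtains for a keyword, so a PermitRootLogin no line has no effect if an earlier PermitRootLogin line exists. The function names and the two sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: read sshd configuration text on stdin and report the
# global PermitRootLogin value that sshd would use.

# sshd uses the first value it obtains for a keyword, so a later duplicate
# line does not override an earlier one. Keywords are case-insensitive.
# Lines from the first Match block onward are conditional and are skipped.
permit_root_login() {
    awk '
        { sub(/#.*/, ""); gsub(/=/, " ") }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" && $2 != "" { print $2; found = 1; exit }
        END { if (!found) print "prohibit-password" }  # OpenSSH default when unset
    '
}

# Exit status 0 only when direct root login over SSH is fully disabled.
root_login_disabled() {
    [ "$(permit_root_login)" = "no" ]
}

# Constructed sample: the edit from this article applied correctly.
SAMPLE_FIXED='# Authentication:
#PermitRootLogin prohibit-password
PermitRootLogin no
PasswordAuthentication yes'

# Constructed sample: "no" was appended, but an earlier line still wins.
SAMPLE_SHADOWED='PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no'

report() {  # $1 = label, $2 = configuration text
    if printf '%s\n' "$2" | root_login_disabled; then
        echo "$1: root login disabled"
    else
        echo "$1: root login still allowed ($(printf '%s\n' "$2" | permit_root_login))"
    fi
}
report fixed "$SAMPLE_FIXED"
report shadowed "$SAMPLE_SHADOWED"

# On a real host, feed it the effective configuration (Include files resolved):
#   sudo sshd -T | root_login_disabled && echo "root login disabled"
```

Running sudo sshd -t before restarting the service catches syntax errors that would otherwise stop sshd from starting.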
Conclusion
Disabling SSH root login is like putting a padlock on your computer’s “admin account” door. Hackers love targeting the root user because it’s the master key to your entire system—they can delete everything, steal secrets, or turn your machine into a hacker tool. By blocking root access over SSH, you’re forcing hackers to guess both a username and a password, which is way harder.