By default, many Linux distributions disable root SSH login for security reasons. However, if you need to enable it (for example, in a controlled environment), follow this guide.
π οΈ Step 1: Edit SSH Configuration File
Open the SSH daemon configuration file using:
sudo nano /etc/ssh/sshd_config
Find the following line:
PermitRootLogin prohibit-password
Change it to:
PermitRootLogin yes
If the line doesnβt exist, add it manually.
β
Ensure Password Authentication is Enabled
Look for:
PasswordAuthentication no
Change it to:
PasswordAuthentication yes
Save the file (CTRL+X, then Y, then ENTER).
π Step 2: Restart SSH Service
Apply the changes by restarting SSH:
sudo systemctl restart ssh
π Step 3: Set a Root Password (If Needed)
If the root account doesnβt have a password, set one with:
sudo passwd root
Enter a strong password when prompted.
π Step 4: Allow SSH in Firewall (If Applicable)
If youβre using UFW (Uncomplicated Firewall), allow SSH connections:
sudo ufw allow ssh
π Step 5: Test Root SSH Login
From another machine, try logging in:
ssh root@your-server-ip
If successful, root SSH is now enabled! π
β οΈ Security Warning & Best Practices
Allowing root SSH login can be a security risk. Consider:
Using SSH keys instead of passwords
Disable password authentication and allow only key-based login:
PermitRootLogin without-password
Restricting SSH access to specific IPs
Use firewall rules to allow SSH access only from trusted sources.
Disabling root SSH once it's no longer needed
If you no longer need root SSH, disable it by setting:
PermitRootLogin no
Then restart SSH:
sudo systemctl restart ssh