How do I enable root login with ssh?Dave, I've been using ssh like a good Internet citizen to connect to my remote server, but for security reasons the ISP has disabled root login from ssh on every server. Problem is, I really need to be able to log in as root occasionally. How do I re-enable it? First off, are you absolutely sure this is something that you really want to do? Remember, you should have a regular user account already, and it's only a few extra keystrokes to ssh to your account, then use su or sudo to become root for specific tasks. That's what I do, and that's what I recommend too. Further, you already know that you should have a really weird, impossible-to-break or guess root password, right? One tip: most Unixes let you have arbitrarily long passwords, so don't hesitate to do something that's more than the usual 6-8 characters, and, really, add some punctuation and mixed upper/lower case letters, at a minimum. For example, my root password is . See what I mean? More seriously, if you are convinced that you really do want to reenable root login through ssh then you'll want to follow these two simple steps:
Again, make me feel more secure. Make sure you really want to do this, and then make sure that you have a really solid, impossible to guess root password.
Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon
Categorized:
Unix and Linux Help
(Article 3985)
Tagged: Previous: How does MSN Search's Search Builder function work? Next: Microsoft Internet Explorer IE6 can't search from address bar? Subscribe!
Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader. Dave, I'm with you on advising against loging on directyly to root using SSH. It's hard to express how many problems that can cause and how insecure it may be compared to using the console provided by the hosting company. That's the safest way to do it and it isn't that much slower or harder than directly loging on with SSH. I certainly would never do it and would be interested in why he things he needs too log on that way.
Hi, regards, Hi all, Killing the sshd process as a remote user is rather dangerous. You will be logged out with no way to log back in. A better way to do this is to tell sshd to re-read its configuration file (as root): kill -HUP process_id Posted by: Iain Argent at December 19, 2007 3:33 AMHi Dave, Great article! /etc/init.d/sshd restart Cheers, Z- Posted by: Zoltan at March 1, 2008 1:36 PMOk. I just got to say it... What's the big deal about allowing root login on ssh? Seriously. As you say: "make sure that you have a really solid, impossible to guess root password" well, that should be obvious for _every_ user account. Furthermore, if your basic user account has su or sudo access, you can su to root anyway so disabling root login has not gained you any security. Hacker figures out your user account password (because you used your birth date like you do on _all_ you accounts), then she logs in to your machine, su's to root, makes the change in sshd_config and restarts ssh. Ok, now she has root login access. Moral of the story is make better passwords. The only thing the might happen with root login access is: you get a little drunk, forget you're root and run 'rm -Rf /*'. Opps, to bad you weren't logged in as a regular user! Posted by: Trashman at July 27, 2008 8:17 PMYou can also use: service sshd restart Hi i cannot see any thing in the /etc/ssh/sshd_config. This comes up as blank ?? I am doing this as root remotly. Help Posted by: saif shaikh at December 2, 2008 8:08 AMok... but how to enable root to login on ubuntu? I have installed ssh and I can try to log in but after few seconds I receive Access Denied message. Posted by: fisharoundthebend at February 15, 2009 12:23 PMforgot to add that I am trying not to use GUI, just the cli. Posted by: fisharoundthebend at February 15, 2009 12:26 PMthank you.... it helped for me in freebsd 5.5 Posted by: salim at March 8, 2009 9:43 PMdave, i'm getting the following error when im starting the ssh service: "/var/chroot/sshd should be owned by root not group or world-writable". i changed the ownership to root.wheel but still, any idea? Posted by: WISSSOOO at April 28, 2009 1:30 AMWISSOO, I think I'd check the permissions of the enclosing directory in addition to the permissions and ownership of the file itself. Posted by: Dave Taylor at April 28, 2009 6:56 AMI may have root enabled but I also have a powerfull port guard called fail2ban. I have a lot to say, but ...
I do have a comment, now that you mention it!
|
 
Search
Find just the answers you seek from among our 2300+ free tech support articles by using our Lijit search engine.
Help!
Subscribe to
Ask Dave Taylor! 
Free Updates!
Sign up and get free weekly updates and special offers on books, seminars, workshops and more.
Articles and Reviews
Auctions and Online Shopping Blogs and RSS Feeds Building Web site traffic Business and Management Cell Phones and Mobile Phones CGI Scripts and Web Site Programming Computer and Internet Basics d) None of the Above HTML and CSS Industry News and Trade Shows Mac OS X Help MySpace, Facebook, Twitter and Social Network Help Pay Per Click (PPC) Search Engine Optimization Shell Script Programming Sony PSP, MP3 Players, Etc. The Writing Business Unix and Linux Help Video Game Tips and Help Windows Help
Recent Entries
Book Links
|
Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.
![[whiteboard marker tray]](/Graphics/marker-tray.gif){kind=small}
