|
|
How do I enable root login with ssh?Dave, I've been using ssh like a good Internet citizen to connect to my remote server, but for security reasons the ISP has disabled root login from ssh on every server. Problem is, I really need to be able to log in as root occasionally. How do I re-enable it? First off, are you absolutely sure this is something that you really want to do? Remember, you should have a regular user account already, and it's only a few extra keystrokes to ssh to your account, then use su or sudo to become root for specific tasks. That's what I do, and that's what I recommend too. Further, you already know that you should have a really weird, impossible-to-break or guess root password, right? One tip: most Unixes let you have arbitrarily long passwords, so don't hesitate to do something that's more than the usual 6-8 characters, and, really, add some punctuation and mixed upper/lower case letters, at a minimum. For example, my root password is . See what I mean? More seriously, if you are convinced that you really do want to reenable root login through ssh then you'll want to follow these two simple steps:
Again, make me feel more secure. Make sure you really want to do this, and then make sure that you have a really solid, impossible to guess root password.
More Useful Unix and Linux Help Articles:
✔ Copy and Paste from the Mac OS X Command Line?
I am constantly running commands in Terminal.app on my MacBook and then copying and pasting the results into email messages or documents. Yes,...
✔ Shell script to convert lowercase to title case?As part of a project I'm working on, I find myself deep in a Linux shell script, needing to have a subroutine that...
✔ Can I script renaming files based on an XML data map?I have a folder full of files which are named with four digits and a file extension e.g. 0312.file and an XML-file describing...
✔ Test for valid numbers in a Bash shell script?In a different discussion on this site [see Redirecting input in a shell script] a visitor commented that "I was too busy trying...
✔ Review: iSSH for the iPad/iPhoneIf you're running an online business like I am, there are times when you need to connect and log in to the server...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help
right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
Categorized:
Unix and Linux Help
(Article 3985,
Written by Dave Taylor)
Tagged: Previous: How does MSN Search's Search Builder function work? Next: Microsoft Internet Explorer IE6 can't search from address bar? Reader Comments To Date: 19chandru said, on February 28, 2006 11:14 PM:
Hi, regards, Reda said, on April 12, 2007 10:28 AM:
Hi all, Iain Argent said, on December 19, 2007 3:33 AM:
Killing the sshd process as a remote user is rather dangerous. You will be logged out with no way to log back in. A better way to do this is to tell sshd to re-read its configuration file (as root): kill -HUP process_id Zoltan said, on March 1, 2008 1:36 PM:
Hi Dave, Great article! /etc/init.d/sshd restart Cheers, Z- Trashman said, on July 27, 2008 8:17 PM:
Ok. I just got to say it... What's the big deal about allowing root login on ssh? Seriously. As you say: "make sure that you have a really solid, impossible to guess root password" well, that should be obvious for _every_ user account. Furthermore, if your basic user account has su or sudo access, you can su to root anyway so disabling root login has not gained you any security. Hacker figures out your user account password (because you used your birth date like you do on _all_ you accounts), then she logs in to your machine, su's to root, makes the change in sshd_config and restarts ssh. Ok, now she has root login access. Moral of the story is make better passwords. The only thing the might happen with root login access is: you get a little drunk, forget you're root and run 'rm -Rf /*'. Opps, to bad you weren't logged in as a regular user! Matt said, on August 28, 2008 11:15 AM:
You can also use: service sshd restart saif shaikh said, on December 2, 2008 8:08 AM:
Hi i cannot see any thing in the /etc/ssh/sshd_config. This comes up as blank ?? I am doing this as root remotly. Help fisharoundthebend said, on February 15, 2009 12:23 PM:
ok... but how to enable root to login on ubuntu? I have installed ssh and I can try to log in but after few seconds I receive Access Denied message. fisharoundthebend said, on February 15, 2009 12:26 PM:
forgot to add that I am trying not to use GUI, just the cli. salim said, on March 8, 2009 9:43 PM:
thank you.... it helped for me in freebsd 5.5 WISSSOOO said, on April 28, 2009 1:30 AM:
dave, i'm getting the following error when im starting the ssh service: "/var/chroot/sshd should be owned by root not group or world-writable". i changed the ownership to root.wheel but still, any idea? Dave Taylor said, on April 28, 2009 6:56 AM:
WISSOO, I think I'd check the permissions of the enclosing directory in addition to the permissions and ownership of the file itself. Felipe said, on July 28, 2009 5:07 AM:
I may have root enabled but I also have a powerfull port guard called fail2ban. Ian Vaughan said, on January 14, 2010 6:45 AM:
I was already successfully logging in as root without this setting enabled. I was however getting "Access denied" printf itbetween the "Loging as..." and "...password:" printfs??? david said, on May 23, 2010 3:05 PM:
also check that at the bottom of the sshd_config file there are not any default deny root etc lines as well as the previous permitting root login. ed said, on July 16, 2010 7:36 PM:
Our host lets us enable root access but then we cannot switch it off. We only want to change php.ini and to have ssh connection. It seems like overkill? What do you recommend Ron Gordon said, on September 30, 2010 7:48 AM:
instead of stopping and starting sshd, which will log you out, us ps -ef|grep sshd to find the pid, then # kill -HUP pid Alex van Rijs said, on November 8, 2010 8:37 AM:
Yesterday one of my clients asked me to give them SSH priviledges to there home directory. So I edited the SSHD_CONFIG file, and added the line: I am only able to log in with admin priviledges an not with root priviledges. And because I don't have these priviledges I cannot restore the SSHD_CONFIG file with the original one. Does anyone have any idea on how to change the SSHD_CONFIG file without root priviledges. Alex van Rijs
I do have a comment, now that you mention it!Check This Out Too... |
Recent Entries
Look for Answers
Recommended
All Our Categories
Apple iPad Help
Articles and Reviews Auctions and Online Shopping Blogs and Blogging Building Web Site Traffic Business and Management Computer and Internet Basics d) None of the Above Facebook Help Google Gmail Help Google Plus Help HTML, JavaScript and Web Site Programming Industry News and Trade Shows iPhone and Cell Phone Help iPod, Sony PSP and MP3 Player Help Kindle Fire Help Mac OS X Help Pay Per Click (PPC) Advertising Pinterest Help Search Engine Optimization (SEO) Shell Script Programming Tech Support Video Help The Writing Business Twitter, LinkedIn and Social Network Help Unix and Linux Help Video Game Tips and Help Windows PC Help Find Me on Google+ ADT on G+ |
Dave,
I'm with you on advising against loging on directyly to root using SSH.
It's hard to express how many problems that can cause and how insecure it may be compared to using the console provided by the hosting company.
That's the safest way to do it and it isn't that much slower or harder than directly loging on with SSH.
I certainly would never do it and would be interested in why he things he needs too log on that way.
F Woodman Jr