Mastering SSH Root Access: Enable or Restrict as Needed

MacBook Air beside green leadf

Sometimes we’re trying to access a server via the terminal and we can’t access the root account. We’re continually provided the message ‘Permission Denied’ yet if you login via a direct console, like Proxmox console or use keyboard + mouse via a IPMI link you’ll login in. Well that’s all down to the SSH config setup and how it’s blocking REMOTE access. That’s the key.

Finally this guide is for helping with remote access for SSH and root accounts, if you’ve disabled root, or setup the server with a different user account other than root, you’ll need to first gain access via that account, then you can follow this guide if you wish to enable root login.

NOTE: This is considered bad practise from a security point of view, realistically you don’t want to allow root login remotely, and instead allow less privileged accounts to have remote access, THEN elevate our self via sudo.

Elevate Your Server Management Game: Enabling Root Login Over SSH

Elevate Your Server Management Game: Enabling Root Login Over SSH

  1. Root Access Initiation:
    • First Step: Access your server with root privileges. It’s the gateway to customizing your SSH settings.
  2. Navigating the SSH Config Maze:
    • The Config Treasure: Dive into the /etc/ssh/sshd_config file. It’s the heart of SSH configurations.
    • Editing Tool of Choice: Launch Vim or your favorite editor (vim /etc/ssh/sshd_config). New to Vim? We’ve got an easy guide for that!
  3. Tweaking the SSH Blueprint:
    • Find the Right Spot: It’s all about location! Insert your changes in the authentication section for clarity.
    • The Magic Line: Add PermitRootLogin yes to open the gates for root access. or uncomment it.
    • Save and Conquer: Lock in your changes and exit the editor.
  4. Rebooting the SSH Engine:
    • Apply the Magic: Get those changes up and running by restarting the SSH server. Pick your style:
      • Systemd style: systemctl restart sshd
      • Service command style: service sshd restart
  5. All Systems Go: Your server is now set to welcome root logins. Enter the realm of root access with ease!

Crafting a More Secure SSH Fortress: Root Login with SSH Keys

  1. SSH Keys – The Secure Path:
    • Shift Gears: Prefer SSH keys for root login? Let’s make it happen.
    • Tweak the Line: Change to PermitRootLogin without-password in your sshd_config.
    • Key Advantage: This setup elevates security, allowing root access exclusively via SSH keys.

Understanding the SSH Guardrails: Permission Denied Scenarios

  1. When Access is a No-Go:
    • The Locked Door Scenario: If root login is disabled or restricted, any attempt to access root via SSH will hit a wall.
    • Terminal Tells All: Trying to log in? If it’s not set up right, you’ll see Permission denied glaring back at you from the terminal.
  2. Universally Compatible: Fear not the version of your Linux server. This guide is a one-size-fits-all for servers with the sshd service.

This guide doesn’t just enable you to open or close the doors to root access; it also helps you understand what happens when those doors are locked, ensuring you’re in full control of your server’s SSH access.