https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066224#M6572 My first thought would be to eliminate this direcotry:<BR /><BR />$HOME/.ssh<BR /><BR />Or just change the permissions to 000<BR /><BR />Just do that on any box you want to stop ssh root logins in roots home directory.<BR /><BR />I think at that point you will get authentication errors if you try and ssh as root.<BR /><BR />If you exchange public keys between the machines, you can safely run ssh between boxes. I'm sure you have a reason for doing this, Secure Shell is safe for root. As far as I know anyway.<BR /><BR />SEP Mon, 08 Sep 2003 18:57:49 GMT Steven E. Protter 2003-09-08T18:57:49Z https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066223#M6571 Hi all:<BR /><BR />Got RedHat versions 7 and above.<BR />Received info on pam/su stuff to prevent non-wheel group members from becoming root. Have setup the securetty file.<BR /><BR />I also have ssh 3.5.1p1 installed on the Linux systems and on HPUX 11.00.<BR /><BR />I am still able to ssh root@linux from the HP system. I need to stop this from happening. I want to block ssh root@linux and force the users to login as themselves 1st then become root (if a member of wheel).<BR /><BR />How can I stop ssh root@linux?<BR /><BR />Many thanks! Mon, 08 Sep 2003 18:43:18 GMT https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066223#M6571 Rick Garland 2003-09-08T18:43:18Z https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066224#M6572 My first thought would be to eliminate this direcotry:<BR /><BR />$HOME/.ssh<BR /><BR />Or just change the permissions to 000<BR /><BR />Just do that on any box you want to stop ssh root logins in roots home directory.<BR /><BR />I think at that point you will get authentication errors if you try and ssh as root.<BR /><BR />If you exchange public keys between the machines, you can safely run ssh between boxes. I'm sure you have a reason for doing this, Secure Shell is safe for root. As far as I know anyway.<BR /><BR />SEP Mon, 08 Sep 2003 18:57:49 GMT https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066224#M6572 Steven E. Protter 2003-09-08T18:57:49Z https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066225#M6573 Did some digging, found it.<BR /><BR />In the /etc/ssh/sshd_config file is an entry for PermitRootLogin - set this value to no.<BR /><BR /> Mon, 08 Sep 2003 19:25:45 GMT https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066225#M6573 Rick Garland 2003-09-08T19:25:45Z https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066226#M6574 change /etc/ssh/sshd_config<BR /><BR />#PermitRootLogin yes (already comment out)<BR /><BR />add this line<BR />PermitRootLogin no<BR /> Wed, 10 Sep 2003 08:01:45 GMT https://community.hpe.com/t5/operating-system-linux/prevent-ssh-from-login-as-root/m-p/3066226#M6574 Vincent Woo 2003-09-10T08:01:45Z