What is the effect of "PermitRootLogin no"?

December 24, 2015 12k views
Linux Basics

I am reading the tutorial
and I want to clarify the use of PermitRootLogin no

If i apply this more restrictive setting, how can I ever log back in as root on a hosted server?

Will ssh work again with root? or is there a console with digitalocean and that will be the only way?

I want to be sure before I commit the irreparable…


2 Answers

As you said, PermitRootLogin no will disable the option to login in directly as root via SSH. This is a good practice. There are usually two other ways left to have root permissions though:

  • Using sudo. Once you login as a different user (for example “john”), if everything is set up correctly, you should be able to invoke sudo commands, which give you temporary root-like access. More on this can be found here - https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos - I’d personally recommend using PermitRootLogin no with disabled password authentication, which will only allow you to log in with SSH key.

  • Using console. Console is available via DO control panel, however, it’s mostly used only as a last resort, as it’s not very practical.

by Justin Ellingwood
The sudo command is useful for executing commands with privileges usually outside of the scope of your user. This guide will discuss how to edit the configuration file in order to customize the way sudo functions.

Another option would be to set PermitRootLogin without-password

In this case, it’s possible to log in as root, but only if using an authentication method other than passwords (e.g. SSH Key), it might be the best compromise between security and access for you

Have another answer? Share your knowledge.