Disabling root login over SSH
Allowing the root user to log in over SSH is a potential security vulnerability. An attacker may try to break into your system by trying every password for the root user. It's recommended to disallow the root user's access over SSH and to log in as another user with the sudo
privileges to perform administrative tasks.
How to do it...
Perform the following steps to disable root login:
Navigate to Servers | SSH Server | Authentication.
Answer No to the Allow login by root? question.
Click Save.
Back on the SSH Server module screen, click Apply Changes.
How it works...
Webmin updates the SSH configuration file (/etc/ssh/sshd_config
) by setting PermitRootLogin
to no
. From now on, SSH will treat every password entered for the root user as incorrect.