For security reasons it is not a good idea to permit ssh root direct login, it is better to login as another user, and then switch to root using the ‘su -‘ comand, to do this, you need to disable root from login directly using ssh protocol, this will decrease the possibility of a hacker breaking your linux box, as now he will have to guess your user name and your password

Ok, let’s go and see to make this. Edit the file /etc/ssh/sshd_config

vi /etc/ssh/sshd_config

(you can use your favorite text editor)

I strongly recommend you to open two logins if doing this from a remote connection, and never close one of them, in case you need to roll back the configuration

locate this line with, writing this onces editing with vi or vim

:/Protocol

if it says

Protocol 2, 1

change it to:

Protocol 2

This will enable only ssh2 which is more secure that ssh, do not do this if you need to log with a client that only support ssh, and not ssh2 protocol.

Next locate this line “PermitRootLogin yes” by entering this on your vi or vim editor

:/PermitRootLogin yes

and change it to this:

PermitRootLogin no

and save the file, with this:

shift+zz

now restart the ssh service. If Fedora or CentOS <p class="codigo">/etc/init.d/sshd restart</p>

If Debian or Ubuntu <p class="codigo">/etc/init.d/ssh restart</p>

Test that you can login and gain root access with ‘su -‘ (without quotes), before, you left your root remote connection

Related Links http://www.go2linux.org/denyhosts-secure-your-linux-against-dictionary-attacks http://linux.go2linux.org/taxonomy/term/3