• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
NameHero Blog

NameHero Blog

Web Hosting Tips & Resources From NameHero

  • Web Hosting
  • Reseller Hosting
  • Managed Cloud
  • Domains
  • Account
  • Blog Home
  • Categories

How To Disable Root SSH Login In WHM

Bhagwad Park

Published on: June 22, 2020

Categories: VPS Hosting 0

If you haven’t already done so by now, read my earlier tutorial on how to change your SSH port on a NameHero VPS. But that’s just the first step in hardening your server! There’s a lot more to be done. And probably the most important step is to disable root SSH logins. In this tutorial, I’ll explain how to achieve this in WHM when you first set up a NameHero VPS.

Why Disable Root Logins?

Many reasons. For one, the “root” user is common across all installations, so it makes it that much easier for potential hackers to try and compromise your system when they already know one half of the equation – the username. But if you disable root logins, you don’t even allow them to get past the first step. Now they’ll need to guess the username as well.

But disabling root has another purpose – it forces you to log in as a user that doesn’t have complete control over the system. This means that a malicious script that insinuates itself into the system through you, won’t be able to have root access to the server. In general, it’s a good idea to get into the habit of not logging in as root. If you want to perform root actions, you’ll be able to temporarily elevate your privileges to get specific things done.

Step 1: Ensure that You can Run Sudo Commands

Before disabling root login, you need to make sure that you can run administrative commands without root if necessary. Otherwise you’ll find that you can’t make any meaningful changes, and that you’ve locked yourself out of the system! Luckily, you can easily allow a user to run admin commands via “sudo”. Just follow my earlier tutorial on how to use the “visudo” tool to safely add usernames to the list of accounts that are allowed to use sudo.

Step 2: Install a File Manager in WHM

I’d mentioned in an earlier tutorial, that it’s best if you perform most actions from the command line. However, since this tutorial is about WHM, we’re going to have to install a file manager so that you can make the necessary changes.

Luckily, the same folks who provide the ConfigServer firewall plugin, have an excellent file manager utility. Installing it simple – just execute these commands on your server and you’ll find the new file manager plugin in WHM like this:

Install the ConfigServer File Explorer
Install the ConfigServer File Explorer

In the plugin section, just click the ConfigServer Explorer icon to enter the file manager.

Step 3: Modify the sshd_config File

Once you open the file explorer, navigate to the following file:

/etc/ssh/sshd_config

As shown here:

Find the sshd_config File
Find the sshd_config File

Click the “Edit” button on the right-hand side. This will open up the file for editing. Scroll down until you find the following line:

#PermitRootLogin yes

Find the PermitRootLogin Line
Find the PermitRootLogin Line

Remove the hash (#) at the beginning of the line, and change “yes” to “no” like this:

Uncomment the Line to Disable Root Logins
Uncomment the Line to Disable Root Logins

Then save your changes.

Step 4: Restart the SSH Service

Once you’re done, restart the SSH service by searching for it in the WHM box on the left-hand side. Select the “SSH Server (OpenSSH) line item at the bottom and confirm that you want to restart the service like this:

Restart SSH
Restart SSH

Wait for the service to restart, and you’re done. You have now successfully disabled root logins on your NameHero VPS!

Bhagwad Park Profile Picture
Bhagwad Park

I’m a NameHero team member, and an expert on WordPress and web hosting. I’ve been in this industry since 2008. I’ve also developed apps on Android and have written extensive tutorials on managing Linux servers. You can contact me on my website WP-Tweaks.com!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Follow & Subscribe

Exclusive promos, content and more!

Most Popular Posts

NameHero’s Recommended WordPress Plugin and Theme Setup (2023)

How To Increase The InnoDB Buffer Pool Size

How To Fix A Stuck All-in-One WP Migration Import

How To Add A Subdomain In Cloudflare

How To Inline And Defer CSS On WordPress Without Plugins

Top Categories

  • WordPress
  • Website Performance
  • Web Hosting
  • Resellers
  • Website Security
  • VPS Hosting
  • Website Development
  • SEO Tips
  • Announcements
  • Domain Registration
NameHero

NameHero proudly provides web hosting to over 40,000 customers with 99.9% uptime to over 750,000 websites.

  • Master Card
  • Visa
  • American Express
  • Discover
  • Paypal
Name Hero
  • Web Hosting
  • Reseller Hosting
  • Managed Cloud
  • Domains
Help & Support
  • NameHero Blog
  • Knowledgebase
  • Announcements
  • Affiliates
Company
  • About Us
  • Contact Sales
  • Reviews
  • Uptime
  • We're Hiring

Copyright © 2023 NameHero, LLC. All rights reserved.

  • Privacy Policy
  • Terms of Use
  • Acceptable Use Policy
  • Payment Policy
  • DMCA