How to Disable or Restrict Root User SSH Logins on a Linux Cloud Server?

30-01-2024 03:05:32

Allowing root user SSH logins is often considered a less secure method of cloud server management. Best practice suggests that SSH logins for the root user should be disabled. Instead, log in to the Linux operating system as another user and then switch to the root user with sudo to execute commands.

Disabling Root User Login

Edit the SSH configuration file.

vi /etc/ssh/sshd_config

Then, uncomment the following line in the file by removing the leading # character, so that the directive takes effect.

#PermitRootLogin no

Restart the SSH service to apply the changes.

/etc/init.d/ssh restart

Note: After disabling root user logins in this manner, it is still possible to log in as the root user via the console.

Restricting Login from Specific IP Addresses

As mentioned earlier, the best security practice is to disable root user logins. However, if root user logins must be enabled for some reason, security can be enhanced by restricting logins to specific IP addresses.

Edit the SSH configuration file.

vi /etc/ssh/sshd_config

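Add the following directive to the file, replacing xxx.xxx.xxx.xxx with the actual IP address. Once AllowUsers is set, only users matching its patterns can log in over SSH, so any other account that needs access must be listed as well.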

AllowUsers root@xxx.xxx.xxx.xxx

Restart the SSH service to apply the changes.

/etc/init.d/ssh restart
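
The following script is an added example, not part of the original article. It audits the two settings described above, PermitRootLogin and AllowUsers, and shows that sshd keeps the first value it reads for a keyword, so an earlier active PermitRootLogin line overrides the one you uncomment. The function names and sample configurations are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): audit an sshd_config read on stdin.
# Limitations: Include files and Match blocks are not evaluated; only the
# global section of the single file given is inspected.

# Print the global PermitRootLogin value that sshd would apply.
# sshd keeps the FIRST value it reads for a keyword; keywords are case-insensitive.
effective_root_login() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        { key = tolower($1) }
        key == "match" { exit }                # global section ends at first Match
        key == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }      # no active line: built-in default applies
    '
}

# Print every global AllowUsers pattern, one per line (AllowUsers lines accumulate).
# Any account that matches none of these patterns cannot log in over SSH.
allowusers_patterns() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }
    '
}

# Constructed sample: the line from the article was uncommented, but an
# earlier active line still wins, so root login stays enabled.
sample_shadowed() {
    printf '%s\n' 'Port 22' 'PermitRootLogin yes' '# Authentication:' 'PermitRootLogin no'
}

# Constructed sample: root restricted to one address (203.0.113.10 is a
# documentation-range IP used as a placeholder).
sample_allowusers() {
    printf '%s\n' 'PermitRootLogin yes' 'AllowUsers root@203.0.113.10'
}

# On a real host, pass the config path: sh audit.sh /etc/ssh/sshd_config
if [ -n "${1:-}" ]; then
    echo "PermitRootLogin: $(effective_root_login < "$1")"
    echo "AllowUsers patterns:"
    allowusers_patterns < "$1"
fi
```

Before restarting the service, sshd -t checks the file for syntax errors and sshd -T prints the effective settings, including values pulled in through Include files.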