Please follow the given steps to disable direct root login access to the server via shell prompt.
STEP 1: Create a user and add it to the wheel group
SSH into your server as root and follow the below commands to create a user.
$ groupadd new $ useradd new -gnew $ passwd new
You can create any user instead of “new”.
STEP 2: Add user to wheel group
You can add the user at the end of the ‘group’ file.
$ grep wheel /etc/group wheel:x:10:root
Add the user ‘new':
For CPanel Servers, do the following.
1. Log into your WHM and click on “Manage Wheel Group Users”.
2. Select the user (Here it is “new”) and click ‘Add to group’.
3. Before disable the root access, check if the user can login and su – to gain root privileges.
SSH into your server as ‘new’
Login as: new Password : enteryouruserpasswordhere su – password: enter root password here
STEP 3: Disable Direct Root Login
1. Copy and paste this line to edit the file for SSH logins
$ vi /etc/ssh/sshd_config
2. Find the line
Protocol 2, 1
3. Uncomment it (Remove #) and change it to look like
4. Next, find the line
5. Uncomment it (Remove #) and make it look like PermitRootLogin no
6. Save the file.
Now, no one will be able to login to root with out first logging in as ‘new’ and ‘su -‘ to root.