2
Undo
Votes
Hello,
I have a new cpanel whm server and I am looking to disable the root user login on the server. Anyone has any idea how I can do that?
I have a new cpanel whm server and I am looking to disable the root user login on the server. Anyone has any idea how I can do that?
Manual Steps to disable SSH login for root user
1) Create a new sudo user
Log in as root via SSH.
Add a new user using the following command:
Set the password of the new username:
Add the user to the wheel group (this gives sudo access on CentOS/CloudLinux/AlmaLinux/Rocky Linux/RHEL):
Verify sudo privileges:
Try a sudo command:
It should return root.
2. Disable root login over SSH
Edit the SSH config file:
Find and modify or add the following line:
Also ensure:
Restart SSH service:
Important: Keep your current SSH session open while testing the new user’s login in a second terminal. If anything fails, you can still revert.
1) Create a new sudo user
Log in as root via SSH.
Add a new user using the following command:
adduser newusername
Set the password of the new username:
passwd newusername
Add the user to the wheel group (this gives sudo access on CentOS/CloudLinux/AlmaLinux/Rocky Linux/RHEL):
usermod -aG wheel newusername
Verify sudo privileges:
su - newusername
Try a sudo command:
sudo whoami
It should return root.
2. Disable root login over SSH
Edit the SSH config file:
nano /etc/ssh/sshd_config
Find and modify or add the following line:
PermitRootLogin no
Also ensure:
PasswordAuthentication yes # If you're using password login (optional)
Restart SSH service:
systemctl restart sshd
Important: Keep your current SSH session open while testing the new user’s login in a second terminal. If anything fails, you can still revert.
Manual Steps to disable SSH login for root user
1) Create a new sudo user
Log in as root via SSH.
Add a new user using the following command:
Set the password of the new username:
Add the user to the wheel group (this gives sudo access on CentOS/CloudLinux/AlmaLinux/Rocky Linux/RHEL):
Verify sudo privileges:
Try a sudo command:
It should return root.
2. Disable root login over SSH
Edit the SSH config file:
Find and modify or add the following line:
Also ensure:
Restart SSH service:
Important: Keep your current SSH session open while testing the new user’s login in a second terminal. If anything fails, you can still revert.
1) Create a new sudo user
Log in as root via SSH.
Add a new user using the following command:
adduser newusername
Set the password of the new username:
passwd newusername
Add the user to the wheel group (this gives sudo access on CentOS/CloudLinux/AlmaLinux/Rocky Linux/RHEL):
usermod -aG wheel newusername
Verify sudo privileges:
su - newusername
Try a sudo command:
sudo whoami
It should return root.
2. Disable root login over SSH
Edit the SSH config file:
nano /etc/ssh/sshd_config
Find and modify or add the following line:
PermitRootLogin no
Also ensure:
PasswordAuthentication yes # If you're using password login (optional)
Restart SSH service:
systemctl restart sshd
Important: Keep your current SSH session open while testing the new user’s login in a second terminal. If anything fails, you can still revert.
Here is a bash script to automate the process of:-
1) Creating a new sudo user
2) Disabling root SSH login
3) Restarting the SSH service
How to Use the script
Save the script:
Paste the script content and save (Ctrl+O, Enter, Ctrl+X)
Make it executable:
Run the script:
1) Creating a new sudo user
2) Disabling root SSH login
3) Restarting the SSH service
#!/bin/bash
# Exit immediately if a command exits with a non-zero status
set -e
# Prompt for username
read -p "Enter the new sudo username: " NEW_USER
# Create the new user
adduser "$NEW_USER"
# Set user password
echo "Set password for $NEW_USER:"
passwd "$NEW_USER"
# Add user to the wheel group for sudo access
usermod -aG wheel "$NEW_USER"
echo "User $NEW_USER added to 'wheel' group for sudo access."
# Backup SSH config
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
# Disable root SSH login
sed -i 's/^#*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
# Restart SSH service
systemctl restart sshd
echo "SSH service restarted. Root login is now disabled."
echo "Setup complete. Test logging in with:"
echo "ssh $NEW_USER@$(hostname -I | awk '{print $1}')"
How to Use the script
Save the script:
nano setup_sudo_user.sh
Paste the script content and save (Ctrl+O, Enter, Ctrl+X)
Make it executable:
chmod +x setup_sudo_user.sh
Run the script:
./setup_sudo_user.sh
- Page :
- 1
There are no replies made for this post yet.