In this module, we are going to learn how to login as root over SSH on Ubuntu/Debian machine. Often it is required to SSH into servers as root for administrative reasons. This is disabled by default on most machines but in this article, we will go over this, one step at a time.
Steps to Login as Root Over SSH on Ubuntu Linux
Let’s go over the steps to log in to our Ubuntu machine using an SSH server. In the steps that follow, you’ll be logged as a root user so it is advised that you take precautions while running any specific commands.
Step 1: Install SSH Server On Target
First, we need to make sure that an ssh-server is installed and running on our target machine. To check if we have an ssh-server is installed on our target machine, we can type :
$ apt-cache policy openssh-server
If we don’t have an openssh-server installed, we would get:
openssh-server:
Installed: (none)
..........
In that case, install openssh-server with the apt command as shown below:
$ sudo apt install openssh-server
Step 2: Enable SSH Service
Once we have a ssh-server installed on our machine, we now need to enable it’s services. On some systems, it is enabled as soon as we install the ssh-server package. We can check if it’s running with :
$ systemctl status ssh
If the service is down, we get something like the following :
ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:sshd(8)
man:sshd_config(5)
As we can see that at present the service is inactive hence we need to enable it first with :
$ sudo systemctl enable --now ssh
Checking the status of the service now, we should find the following :
ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-02-12 04:22:47 IST; 1s ago
Docs: man:sshd(8)
man:sshd_config(5)
Once we are done with this, we are ready to move onto the next step.
Step 3: Edit Config Files
At this point, if we try to login as root over SSH, we would get an error even if we provide the right password.
root@IP's password:
Permission denied, please try again.
root@IP's password:
Permission denied, please try again.
root@IP's password:
root@IP: Permission denied (publickey)
To fix this, open /etc/ssh/sshd_config with your favourite editor and sudo privileges. There we find the following two lines :
# PermitRootLogin prohibit-password
.....
.....
# PubkeyAuthentication yes
Change these lines to :
PermitRootLogin yes
.....
.....
PubkeyAuthentication yes
Save and exit the file. With this, we are finally ready for the last step.
Step 4: Restart The SSH Server
After making the required changes to the said config files, restart the ssh-server with :
$ sudo systemctl restart ssh
Once done, we can now login to our system with a password or with a private key as such :
$ ssh root@IP
Conclusion
Thus, we can now login as root over SSH. However, it is to be noted that it is NOT considered a safe practice to have root login enabled on servers. In case it is imperative to have root login enabled, make sure that you have a very strong password in place to prevent unwanted root access by other users/hackers.