While implementing security tweaks on the server, one of the most important tweak we should perform is to disable direct root login which will force the hacker to have to guess 2 seperate passwords to gain root access.
Following steps will show you how to disable direct root login. If you are using cPanel server make sure you add your admin user to the ‘wheel’ group so that you will be able to ‘su –‘ to root, otherwise you may lock yourself out of root.
1. SSH into your server as ‘admin’ and gain root access by su
2. Copy and paste this line to edit the file for SSH logins
3. Find the line
Protocol 2, 1
4. Uncomment it and change it to look like
5. Next, find the line
6. Uncomment it and make it look like PermitRootLogin no
7. Save the file
8. Now you can restart SSH
Now, no one will be able to login to root with out first loggin in as admin and ‘su –‘ to root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!