Page 1 of 1

How to block SSH root login?

Posted: Mon Feb 11, 2019 9:44 pm
by brightwolf
I would like to block root login, i.e. only allow login via ssh cert and dietpi user. The dietpi user then has to su to root to become root. In /etc/ssh/ssh_config I entered:

Code: Select all

PermitRootLogin no
When trying to login I get the following error: Bad configuration option: permitrootlogin
Luckily I kept myself logged in via an other session, otherwise I would have locked myself out.
What am I doing wrong?

Re: How to block SSH root login?

Posted: Tue Feb 12, 2019 12:04 am
by MichaIng
Strange, the setting is definitely correct. Is it either added doubled or somehow upper case lost (as of your error message)?
How did you edit the file?

To check full file: cat /etc/ssh/ssh_config

Re: How to block SSH root login?

Posted: Tue Feb 12, 2019 8:36 pm
by brightwolf
The setting is not in the file at all. I have therefore added it to the bottom of the file, with the CamelCase notation. Indeed, the error shows only lower case which is not how I entered it. I edited /etc/ssh/ssh_config with nano.

Do you mean me to include the content of the full file here?

Re: How to block SSH root login?

Posted: Tue Feb 12, 2019 8:50 pm
by MichaIng
Yeah, okay let me test this here as well. With nano used no change that somehow the upper case was lost, AFAIK. Perhaps the error output is just fully lower case.

Jep on default config, the entry is not inside, so everything you did should be correct.