Ensure that root login is disabled in the SSHD configuration file (sshd_config). Set PermitRootLogin no.

Disabling root login for SSH is a good security practice to enhance the security of your server. By doing this, you prevent direct root logins, forcing users to log in as a regular user and then use sudo or another privilege escalation method. Here’s how you can disable root login in the SSH configuration file (sshd_config):

1. Connect to Your Server: Open a terminal or connect to your server via SSH.
2. Edit sshd_config File: Use a text editor, such as nano or vi, to edit the sshd_config file. You may need elevated privileges to modify this file.bash
   
   sudo nano /etc/ssh/sshd_config
   or
   sudo vi /etc/ssh/sshd_config
   
3. Find the PermitRootLogin Line: Locate the line in the sshd_config file that begins with PermitRootLogin. If the line doesn’t exist, you can add it.
   
   PermitRootLogin no
   
   This line specifies that root login is not allowed.
   
4. Save and Exit:
   • In nano, press Ctrl + X, then Y to confirm the changes, and finally press Enter.
   • In vi, press Esc, then type :wq and press Enter.
5. Restart SSH Service: After making changes to the sshd_config file, restart the SSH service for the changes to take effect.bash
   
   sudo service ssh restart
   or
   sudo systemctl restart ssh

By setting PermitRootLogin no, you are disabling direct root logins via SSH. After making this change, make sure that you have another user with administrative privileges who can log in and perform administrative tasks using sudo.

Always be cautious when editing configuration files, and ensure that you have a way to access your server in case there are any issues. Additionally, consider having a backup of the sshd_config file before making changes.