1

I have read a lot of documentation on disabling root user login via ssh for security reasons. I have set in /etc/ssh/sshd_config

PermitRootLogin no

If I disable root login then boot need to assume user name and password also.

If I set 

PermitRootLogin without-password

Then it is secure to do this. If I use my sshkey is it secure? Please explain.

Zanna
  • 70,465
LOKESH
  • 169
  • if I find a machine at 10.10.10.10 (or any ip address) I may not know the owner, or usernames that are allowed to login. an nmap will possibly tell me the OS that is likely to be run, but if it responds to ssh I can be pretty sure the machine knows what user 'root' will be. by allowing a keyed root access you make it [slightly] easier for hackers/baddies. – guiverc Nov 25 '17 at 05:21
  • There's a reason without-password is the default. – muru Nov 25 '17 at 05:21
  • @guiverc please elaborate in detail. If any document then give me link – LOKESH Nov 25 '17 at 05:26
  • the point i was trying to make is by allowing 'root' to login from remote; you've saved the hacker/baddie from guessing [or brute-forcing] a valid username. as starting with 'root' is likely a top (first) guess – guiverc Nov 25 '17 at 05:35
  • @guiverc - Not really . The default is "The default is prohibit-password" – Panther Nov 25 '17 at 05:35
  • @Panther do you have any documentation? – LOKESH Nov 25 '17 at 05:37
  • @Panther hmm, it was without-password in 14.04, must have changed in between – muru Nov 25 '17 at 05:41
  • @muru changed 16.04 or so, not sure when – Panther Nov 25 '17 at 05:44

1 Answers1

3

From the man page man sshd

PermitRootLogin

Specifies whether root can log in using ssh(1). The argument must be yes, prohibit-password, without-password, forced-commands-only, or no. The default is prohibit-password.

If this option is set to prohibit-password or without-password, password and keyboard-interactive authentication are disabled for root.

If this option is set to forced-commands-only, root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root.

So, "without-password" allows root to log in via any method EXCEPT password authentication. This can include ssh keys and kerberos.

IMO this is a secure option.

See also What does 'without password' mean in sshd_config file?

Community
  • 1
Panther
  • 102,067
  • After setting this, can attacker hack my server? – LOKESH Nov 25 '17 at 05:55
  • @LOKESH hacking a server is still possible in any number of ways, but at least this way you ensure that attacker cannot log in as root via ssh, i.e. hacking via ssh and root account won't be one of the ways – Sergiy Kolodyazhnyy Nov 25 '17 at 06:09