In this article, I will take you through the steps to enable root user for ssh authentication on Ubuntu 20.04 LTS. If you are Linux user or professional then you might be aware that by default on Ubuntu based systems, root user will not be enabled for ssh authentication due to security purposes. You always need to login with non-root user account and then if you need you can switch to root user after providing correct credentials.
While in most of the cases this works really well but some times you might get a situation when you need to have direct root user access to perform some important task. In those situations, you need to enable root user for SSH authentication. This can be easily done using steps shown in below section. More about SSH Protocol.
How to Enable root user for SSH Authentication on Ubuntu 20.04 LTS
Also Read: Best Steps to Install Perl on Rocky Linux 8
Step 1: Prerequisites
a) You should have a running
Ubuntu 20.04 LTS System.
b) You should have
root access to run privileged commands.
c) You should have OpenSSH Server installed in your System.
Step 2: Edit /etc/ssh/sshd_config File
By default if you have check
PermitRootLogin parameter using
grep -i permitrootlogin /etc/ssh/sshd_config command then you will see it is set as
prohibit-password. You need to change this parameter to
yes to enable root user authentication.
root@localhost:~# grep -i permitrootlogin /etc/ssh/sshd_config PermitRootLogin prohibit-password # the setting of "PermitRootLogin without-password".
For that you need to open
/etc/ssh/sshd_config file using our favorite
nano editor and then set the parameter value to
yes. Then Press
Ctrl+X and give
Y to save and close the file.
root@localhost:~# nano /etc/ssh/sshd_config # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. Include /etc/ssh/sshd_config.d/*.conf #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10
After changing the parameter, you can verify it by again by using the same grep -i permitrootlogin /etc/ssh/sshd_config command. This time as you can see the value is set as
yes. It means allow
root user for remote SSH authentication.
root@localhost:~# grep -i permitrootlogin /etc/ssh/sshd_config PermitRootLogin yes # the setting of "PermitRootLogin without-password".
Step 3: Restart SSH service
After setting the parameter, you need to restart ssh service by using systemctl restart ssh command as shown below.
root@localhost:~# systemctl restart ssh
Then check the service status by using
systemctl status ssh command. It should show as active and running as you can see below.
root@localhost:~# systemctl status ssh ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2021-11-05 09:03:42 IST; 12min ago Docs: man:sshd(8) man:sshd_config(5) Process: 3873 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) Main PID: 3875 (sshd) Tasks: 1 (limit: 2312) Memory: 2.5M CGroup: /system.slice/ssh.service └─3875 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
Step 4: Login with root
Now you can try login with
root user account using putty or any other SSH tools you are using. Here we are using putty application so we will connect our Server by providing its IP Address
192.168.29.113. It will then ask for login user which will be root and then provide the root password to authenticate. It should login successfully as shown below.
Step 5: Reset root password(Optional)
Sometimes you might face Access Denied error even after changing PermitRootLogin parameter to yes and restarting the ssh service. In that situation, you can reset
root user password once by using
passwd command and then try with the new password.
root@localhost:~# passwd New password: Retype new password: passwd: password updated successfully