SSH Root Access Hardening

linux

foundations

security

ssh

Securing SSH access with key-based authentication and root login restrictions

Published

January 30, 2026

SSH Root Access Hardening

Scenario: Secure SSH Configuration

Company: xFusionCorp Industries
Task: Configure secure SSH access for system administrators

🧠 SSH Security Best Practices

SSH is the primary entry point to Linux servers. Hardening SSH is critical for security.

Key Security Measures

Disable Root Login: Never allow direct root SSH
Key-based Authentication: Disable password auth
Port Change: Use non-standard port (optional)
Limit Users: Allow only specific users
Two-Factor Authentication: Add extra layer

🛠️ Implementation

Step 1: Configure SSH for Key Authentication

# Edit SSH config
vim /etc/ssh/sshd_config

# Add or modify:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers admin developer

Step 2: Restart SSH Service

# Test config first
sshd -t

# Restart service
systemctl restart sshd

Step 3: Generate SSH Keys (if needed)

# On client
ssh-keygen -t ed25519 -C "admin@workstation"

# Copy to server
ssh-copy-id admin@server

✅ Verification

Root login disabled
Password authentication disabled
Key-based login works
Non-allowed users cannot connect

🎯 Key Learnings

SSH hardening fundamentals
Key-based authentication
Service configuration

✅ Status

COMPLETED 🎉

Date: 2026-01-30

← Back to Foundations