Ensuring SSH root login is disabled

CIS recommendation 5.2.8 in version 2.2.0 of the RHEL 7 benchmark is that we should disable remote root logins. We have visited this example already in other guises, and here we will look specifically at the recommendations in the CIS Benchmark document to help us understand how this should be implemented.

The document states that, to audit for this requirement (and thus score this item), the following test result should be observed:

# grep "^PermitRootLogin" /etc/ssh/sshd_config PermitRootLogin no

Note that the command is intended for a human being to interpret the output of it—this command will return the PermitRootLogin line from this file, regardless of whether it is enabled or disabled. The text shows ...

Get Hands-On Enterprise Automation on Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.