Score:0

Sshd root login errors even though root logins are disabled - how to solve?

cn flag

On my Linux server (Ubuntu 18.04.6 LTS) I have set

PermitRootLogin no

in /etc/ssh/sshd_config and reloaded the config with

sudo service sshd reload

But I am still seeing

Mar 14 06:18:02 myhost sshd[30049]: error: maximum authentication attempts exceeded for root from 11.222.111.22 port 16138 ssh2 [preauth]
Mar 14 06:18:02 myhost sshd[30049]: Disconnecting authenticating user root 11.222.111.22 port 16138: Too many authentication failures 

in the logs. So how come? Should root logins be disabled completely? Why even ask for or check a password if root is not allowed?

Score:0
cn flag

You could try a restart rather than a reload as it's a bit more forceful.

Failing that, you could also try adding DenyUser root - it may be that PermitRootLogin still allows root to attempt to login, even though it would never be successful?

Deeepdigger avatar
cn flag
I am still getting the messages after **restart** - no difference here. **DenyUser root** only adds another logline, stating that root is denied
Score:0
us flag

As you said you have disabled root login via PermitRootLogin no. By this, there is no possibility for root user to get login to your OS directly. In the logs you have mentioned, you see root logins because your server is probably published in the internet and robots are trying to login to your OS via root user.

My suggestion is to Disbale root login as you did, and add some Allowed users for example eng for engineers or dev for developers or anyone to your sshd_config file as below.Thus you restrict the SSH login through these users.

AllowUsers eng dev tommy

For better/higher security, its good idea to change your port number from default 22 to something else,and if possible using public/private key authentication instead of password authentication.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.