PermitRootLogin set to no but can still use root on Centos Stream 9

MoDoe

1/20/24, 10:49 PM

Im following an RHCSA training course and to disable root I need to set PermitRootLogin to no in the /etc/ssh/sshd_config file and restart sshd using systemctl. I've done all this and can still login as root. Can anyone tell me what to do? Thanks.

Output of ps:

root         836       1  0 14:36 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root        3929    2956  0 15:03 pts/0    00:00:00 grep --color=auto ssh

Content of /etc/ssh/sshd_config:

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
#RekeyLimit default none
#SyslogFacility AUTH
#LogLevel INFO
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
AuthorizedKeysFile  .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
#HostbasedAuthentication no
#IgnoreUserKnownHosts no
#IgnoreRhosts yes
#PasswordAuthentication yes
#PermitEmptyPasswords no
#KbdInteractiveAuthentication yes
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no
#UsePAM no
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
#Banner none
Subsystem   sftp    /usr/libexec/openssh/sftp-server
#Example of overriding settings on a per-user basis
#Match User anoncvs
#Setting timeout interval
ClientAliveInterval 600
ClientAliveCountMax 0

296

0 + 6

linux

ubuntu

ssh

redhat

centos

larsks

1/20/24, 11:58 PM

Can you paste the contents of your `sshd_config` file (minus comments and blank lines) here in the question, along with the output of `ps -fe |grep ssh`?

djdomi

1/21/24, 8:20 PM

did you closed all open ssh connections?

MoDoe

1/23/24, 3:26 PM

Hi, Ive added the contents of SSHD config and done the grep.

MoDoe

1/23/24, 3:40 PM

Any changes I make to the sshd_config file do not work, even if I restart the server.

olivierg

1/23/24, 7:18 PM

when you mention "i can still login", you are logging in through SSH right ? not through the system "console" ?

MoDoe

1/28/24, 5:46 PM

I can still login through both.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: PermitRootLogin set to no but can still use root on Centos Stream 9

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.