How Can I Disable Root Logins Via ssh On Centos and Setup a su User?
To disable root logins you will need to edit the /etc/ssh/sshd_config file as the root user and uncomment (Remove the # from the beginning) the line containing below and changing the yes to a no.
PermitRootLogin no
After you save the file you will need to create a new user that will be your su user. (If you already have a user you want to use you can skip this step)
Add the user:
adduser mysuuser
Give the user a password:
passwd mysuuser
After you save the file you will need to add a user to the wheel group so they can use the su command. This is done by editing the /etc/group file and adding the user to the end of the wheel line.
Change this line:
wheel:x:10:root
To this line:
wheel:x:10:root,mysuuser
Then save the file.
Once that is done you can then restart sshd by issuing the below command.
/etc/init.d/sshd restart
You will then need to log in as your su user to access your server and issue the su command.
ssh -l suuser host.domain.com
Su to root:
[mysuuser@host:~]$ su -
Password: enter root password here
If you get this error when you try to su to root with your new user:
su: cannot set user id: Resource temporarily unavailable
This is caused by the Shell Fork Bomb Protection feature under the security section of the WHM. Disable option this if you wish to use su to access the root user.
PermitRootLogin no
After you save the file you will need to create a new user that will be your su user. (If you already have a user you want to use you can skip this step)
Add the user:
adduser mysuuser
Give the user a password:
passwd mysuuser
After you save the file you will need to add a user to the wheel group so they can use the su command. This is done by editing the /etc/group file and adding the user to the end of the wheel line.
Change this line:
wheel:x:10:root
To this line:
wheel:x:10:root,mysuuser
Then save the file.
Once that is done you can then restart sshd by issuing the below command.
/etc/init.d/sshd restart
You will then need to log in as your su user to access your server and issue the su command.
ssh -l suuser host.domain.com
Su to root:
[mysuuser@host:~]$ su -
Password: enter root password here
If you get this error when you try to su to root with your new user:
su: cannot set user id: Resource temporarily unavailable
This is caused by the Shell Fork Bomb Protection feature under the security section of the WHM. Disable option this if you wish to use su to access the root user.
Updated on: 07/01/2023
Thank you!