Les Mikesell <lesmikesell at gmail.com> schrieb am 27.10.2009 16:04:56: > Victor Subervi wrote: > > What I was interested in doing was to make it impossible for root to > > login directly, but rather enable other users to login and then su to > > root. So I edited /etc/ssh/sshd_config to read: > > #PermitRootLogin no > > (It was the dir I didn't know.) It initially said "yes", but it was and > > is commented. How is it that I then and still can login directly as > > root? Is reboot necessary? > > It's not going to have any effect unless you remove the # sign. You > don't need to reboot, but do a 'service sshd restart'. Please, *don't* restart the service. If you fuck up your sshd_config and you have no OOB remote access you're lost. `service sshd reload' is something more recommendable as it doesn't drop your current SSH sessions. Just for the records: Another way would be to set PermitRootLogin to without-password and thus pinning it down to logins via ssh-keys only. Frank.