Can't SSH in as root
up vote
27
down vote
favorite
I'm using the default installation of openssh-server for my Ubuntu 14.04 server. I can connect through the console as root like normal, with my username and password. When I try to SSH with the same username/password, however, I repeatedly get Access Denied errors. /var/log/auth.log reports Failed password for root from <ip address> port <port> ssh2, but I'm entering the correct password.
Why can't I connect to the server via SSH, even though the username and password ARE correct?
server ssh password authentication
asked Aug 15 '14 at 16:31
vaindil
2333618
add a comment |
up vote
27
down vote
favorite
I'm using the default installation of openssh-server for my Ubuntu 14.04 server. I can connect through the console as root like normal, with my username and password. When I try to SSH with the same username/password, however, I repeatedly get Access Denied errors. /var/log/auth.log reports Failed password for root from <ip address> port <port> ssh2, but I'm entering the correct password.
Why can't I connect to the server via SSH, even though the username and password ARE correct?
server ssh password authentication
asked Aug 15 '14 at 16:31
vaindil
2333618
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53
add a comment |
up vote
27
down vote
favorite
up vote
27
down vote
favorite
I'm using the default installation of openssh-server for my Ubuntu 14.04 server. I can connect through the console as root like normal, with my username and password. When I try to SSH with the same username/password, however, I repeatedly get Access Denied errors. /var/log/auth.log reports Failed password for root from <ip address> port <port> ssh2, but I'm entering the correct password.
Why can't I connect to the server via SSH, even though the username and password ARE correct?
server ssh password authentication
asked Aug 15 '14 at 16:31
vaindil
2333618
I'm using the default installation of openssh-server for my Ubuntu 14.04 server. I can connect through the console as root like normal, with my username and password. When I try to SSH with the same username/password, however, I repeatedly get Access Denied errors. /var/log/auth.log reports Failed password for root from <ip address> port <port> ssh2, but I'm entering the correct password.
Why can't I connect to the server via SSH, even though the username and password ARE correct?
server ssh password authentication
server ssh password authentication
asked Aug 15 '14 at 16:31
vaindil
2333618
asked Aug 15 '14 at 16:31
vaindil
2333618
asked Aug 15 '14 at 16:31
vaindil
2333618
asked Aug 15 '14 at 16:31
vaindil
2333618
asked Aug 15 '14 at 16:31
vaindil
2333618
2333618
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53
add a comment |
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53
add a comment |
3 Answers
3
active
oldest
votes
up vote
61
down vote
accepted
The default setting in Debian (and hence Ubuntu) for OpenSSH Server is to deny password-based login for root and allow only key-based login. Change this line in /etc/ssh/sshd_config:
PermitRootLogin without-password
to
PermitRootLogin yes
And restart the SSH server:
sudo service ssh restart
answered Aug 15 '14 at 16:34
muru
135k19286486
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases wheresudois disabled.
– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
|
show 2 more comments
up vote
1
down vote
Hackers will bang away with root user trying to brute force their way in. If you are going to allow root logins, you should definitely install Fail2Ban, or something similar to protect against brute force attacks. Also use a very hard to guess password without the use of common words.
And, as Vaindil pointed out, a key based login would be far superior. They are not very hard to setup. Here's a link to setup key-based login using PuTTY on windows: https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/ . But there are lots of others if you are using a different environment to login from.
answered Apr 24 at 15:48
mikekehrli
111
add a comment |
up vote
0
down vote
To me, works changing (Ubuntu 18.04):
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-passwordtoPermitRootLogin yes
PasswordAuthentication notoPasswordAuthentication yes
then, restart ssh service:
sudo service ssh restart
Thanks!
answered Nov 27 at 20:45
Rildomar Lucena
1
add a comment |
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
61
down vote
accepted
The default setting in Debian (and hence Ubuntu) for OpenSSH Server is to deny password-based login for root and allow only key-based login. Change this line in /etc/ssh/sshd_config:
PermitRootLogin without-password
to
PermitRootLogin yes
And restart the SSH server:
sudo service ssh restart
answered Aug 15 '14 at 16:34
muru
135k19286486
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases wheresudois disabled.
– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
|
show 2 more comments
up vote
61
down vote
accepted
The default setting in Debian (and hence Ubuntu) for OpenSSH Server is to deny password-based login for root and allow only key-based login. Change this line in /etc/ssh/sshd_config:
PermitRootLogin without-password
to
PermitRootLogin yes
And restart the SSH server:
sudo service ssh restart
answered Aug 15 '14 at 16:34
muru
135k19286486
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases wheresudois disabled.
– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
|
show 2 more comments
up vote
61
down vote
accepted
up vote
61
down vote
accepted
The default setting in Debian (and hence Ubuntu) for OpenSSH Server is to deny password-based login for root and allow only key-based login. Change this line in /etc/ssh/sshd_config:
PermitRootLogin without-password
to
PermitRootLogin yes
And restart the SSH server:
sudo service ssh restart
answered Aug 15 '14 at 16:34
muru
135k19286486
The default setting in Debian (and hence Ubuntu) for OpenSSH Server is to deny password-based login for root and allow only key-based login. Change this line in /etc/ssh/sshd_config:
PermitRootLogin without-password
to
PermitRootLogin yes
And restart the SSH server:
sudo service ssh restart
answered Aug 15 '14 at 16:34
muru
135k19286486
answered Aug 15 '14 at 16:34
muru
135k19286486
answered Aug 15 '14 at 16:34
muru
135k19286486
answered Aug 15 '14 at 16:34
muru
135k19286486
135k19286486
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases wheresudois disabled.
– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
|
show 2 more comments
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases wheresudois disabled.
– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
Aha, that did it! Thank you, I greatly appreciate it!
– vaindil
Aug 15 '14 at 16:35
2
2
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil But really, as gregory.0xf0 says, if you must log in remotely as root, it's much better to use key-based instead of password-based authentication.
– Eliah Kagan
Aug 16 '14 at 2:16
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
@Vaindil I second EliahKagan and gregory.0xf0 that key-based authentication is superior to password based. Switch to it if you can.
– muru
Aug 16 '14 at 3:39
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases where
sudo is disabled.– Thomas Ward♦
Aug 16 '14 at 21:27
It is, by the way, bad practice to allow root login anyways via SSH or via the GUI, you should only ever need root login in cases where
sudo is disabled.– Thomas Ward♦
Aug 16 '14 at 21:27
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
every while I refer to this post :), thanks!
– vaheeds
May 24 '17 at 7:30
|
show 2 more comments
up vote
1
down vote
Hackers will bang away with root user trying to brute force their way in. If you are going to allow root logins, you should definitely install Fail2Ban, or something similar to protect against brute force attacks. Also use a very hard to guess password without the use of common words.
And, as Vaindil pointed out, a key based login would be far superior. They are not very hard to setup. Here's a link to setup key-based login using PuTTY on windows: https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/ . But there are lots of others if you are using a different environment to login from.
answered Apr 24 at 15:48
mikekehrli
111
add a comment |
up vote
1
down vote
Hackers will bang away with root user trying to brute force their way in. If you are going to allow root logins, you should definitely install Fail2Ban, or something similar to protect against brute force attacks. Also use a very hard to guess password without the use of common words.
And, as Vaindil pointed out, a key based login would be far superior. They are not very hard to setup. Here's a link to setup key-based login using PuTTY on windows: https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/ . But there are lots of others if you are using a different environment to login from.
answered Apr 24 at 15:48
mikekehrli
111
add a comment |
up vote
1
down vote
up vote
1
down vote
Hackers will bang away with root user trying to brute force their way in. If you are going to allow root logins, you should definitely install Fail2Ban, or something similar to protect against brute force attacks. Also use a very hard to guess password without the use of common words.
And, as Vaindil pointed out, a key based login would be far superior. They are not very hard to setup. Here's a link to setup key-based login using PuTTY on windows: https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/ . But there are lots of others if you are using a different environment to login from.
answered Apr 24 at 15:48
mikekehrli
111
Hackers will bang away with root user trying to brute force their way in. If you are going to allow root logins, you should definitely install Fail2Ban, or something similar to protect against brute force attacks. Also use a very hard to guess password without the use of common words.
And, as Vaindil pointed out, a key based login would be far superior. They are not very hard to setup. Here's a link to setup key-based login using PuTTY on windows: https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/ . But there are lots of others if you are using a different environment to login from.
answered Apr 24 at 15:48
mikekehrli
111
answered Apr 24 at 15:48
mikekehrli
111
answered Apr 24 at 15:48
mikekehrli
111
answered Apr 24 at 15:48
mikekehrli
111
111
add a comment |
add a comment |
up vote
0
down vote
To me, works changing (Ubuntu 18.04):
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-passwordtoPermitRootLogin yes
PasswordAuthentication notoPasswordAuthentication yes
then, restart ssh service:
sudo service ssh restart
Thanks!
answered Nov 27 at 20:45
Rildomar Lucena
1
add a comment |
up vote
0
down vote
To me, works changing (Ubuntu 18.04):
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-passwordtoPermitRootLogin yes
PasswordAuthentication notoPasswordAuthentication yes
then, restart ssh service:
sudo service ssh restart
Thanks!
answered Nov 27 at 20:45
Rildomar Lucena
1
add a comment |
up vote
0
down vote
up vote
0
down vote
To me, works changing (Ubuntu 18.04):
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-passwordtoPermitRootLogin yes
PasswordAuthentication notoPasswordAuthentication yes
then, restart ssh service:
sudo service ssh restart
Thanks!
answered Nov 27 at 20:45
Rildomar Lucena
1
To me, works changing (Ubuntu 18.04):
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-passwordtoPermitRootLogin yes
PasswordAuthentication notoPasswordAuthentication yes
then, restart ssh service:
sudo service ssh restart
Thanks!
answered Nov 27 at 20:45
Rildomar Lucena
1
answered Nov 27 at 20:45
Rildomar Lucena
1
answered Nov 27 at 20:45
Rildomar Lucena
1
answered Nov 27 at 20:45
Rildomar Lucena
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f511833%2fcant-ssh-in-as-root%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
possible duplicate of need to connect as **root@my-server-ip** with SSH
– Eliah Kagan
Aug 16 '14 at 2:17
@EliahKagan He he, I had reported that as dupe of this before it had got an answer. :D
– muru
Aug 16 '14 at 3:37
@muru I think either way would be okay, but that one seems a little broader in sccope (more general), has more answers, and has answers suggesting a wider range of solutions. Either way they're closed, answers from one could be mod-merged into the other (or not).
– Eliah Kagan
Aug 16 '14 at 6:06
Possible duplicate of How to enable ssh root access on Ubuntu 14.04
– That Brazilian Guy
Feb 7 '16 at 13:57
If your server is in anyway outward facing please don't enable SSH as root. This is asking for trouble.
– Robby1212
Apr 24 at 15:53