← Rules Catalog
highnetwork
sshd-disable-root-loginDisable SSH root login
Direct root login over SSH must be disabled so administrative access is attributable to an individual account.
sshsshdaccess
Frameworks satisfied
- DISA STIG
- rhel9: RHEL-09-255045 · V-257982 · CAT II
- NIST 800-53
- AC-6IA-2
- CIS Benchmark
- 5.1.20
- ISO 27001
- A.9.2.3
Platforms
rhel 8+rhel 9+ubuntu 20+ubuntu 22+
Check
sshd_config_valuePermitRootLogin no
Remediation
sshd_config_setPermitRootLogin nopersisted to /etc/ssh/sshd_config.d/50-hanalyx.conf