How to access Ubuntu using Root

Question

I have just created a root account on my ubuntu1 server, see below:

packt@ubuntu1:~$ 
packt@ubuntu1:~$ sudo -i
[sudo] password for packt: 
root@ubuntu1:~# 

When I try to ssh this ubuntu server from my centos machine (or any machine for that matter) using the following I get permission denied.

[packt@centos1 ~]$ ssh root@ubuntu1
root@ubuntu1's password: 
Permission denied, please try again.
root@ubuntu1's password: 
Permission denied, please try again.
root@ubuntu1's password: 
Permission denied (publickey,password).
[packt@centos1 ~]$ 

I know I can su into the root from the ubuntu1 machine but I need to access the machine using root from other machines.

Can someone let me know where I'm going wrong?

Answer 1

You're using sudo to get a root shell. This does not mean that you have enabled the root account.

To enable root login, you have to set a password for root:

sudo passwd root

Then you have to edit your sshd_config

 sudo editor /etc/ssh/sshd_config

Change

PermitRootLogin prohibit-password

to

PermitRootLogin yes

Exit the editor, and restart sshd with

sudo systemctl restart openssh-server

Note that this is not recommended. I can't really think of any reasons why you need root access via ssh. Commands can be prepended with sudo, and sudo configured for passwordless use. File copies? You can usually modify the permissions of the destination, so that you don't have to be root.

Answer 2

There could be multiple causes here.

First, many Linux distributions come, or at least suggest that you lock out the root user from ssh. This is because every system comes with root, and it makes it easier to brute-force a machine if you're aware of a user. Not a foolproof, but helpful.

Otherwise, you need to understand that each user has their own password, and it is the password of that user, and the entries found for sudo in /etc/sudoers, that allow a user to successfully execute a command with sudo.

To clarify, when you use this command, you are using the USER password:

sudo su -i

sudo checks if you're allowed to run the command, and also prompts you for your USER password.

When you log into a machine, you use that USER password again. It is unlikely, and a bad practice, to have your USER and your root account share passwords. In this case, since you know the USER password, you would do the following:

ssh USER@myserver
sudo su -

Here, you access the system using the USER account, and known password, and then escalate to root. This solves either problem, and is how you should be escalating to root.

If you discover that your server allows root login, but you were using the password incorrectly, be sure to lock that down. Other Answers to your question are suggesting you allow root login, but instead, I ask that you understand the situation, and stay secure by following this advice instead. Look up ssh hardening, and at least set up fail2ban.

Answer 3

By default, root access is disabled over ssh. You can enable root ssh access or ssh in as normal user and su or sudo.

To enable root login via ssh:

As root, edit the sshd_config file in /etc/ssh/sshd_config :

sudo nano /etc/ssh/sshd_config.

Add a line in the Authentication section of the file that says

PermitRootLogin yes . ...

Save the updated /etc/ssh/sshd_config file. Restart the SSH server:

sudo service sshd restart.

IMPORTANT NOTE

This is not a good solution to the problem, because it exposes root, while the user has a proper user with sudo privileges already. This does not address the problem, but instead provides a workaround that needlessly increases risk and supports bad practice.

Root login using SSH keys (possibly more secure):

If you must root login over SSH it is quite possibly more secure (and easier) to login using SSH keys. The setup is a bit longer, but well outlined in How to set up passwordless SSH access for root user