How To Disable Root Login On Ubuntu VPS Server

Root login is one of the biggest security risks on Linux VPS servers.

By default,
many VPS servers allow:

direct root SSH access

This makes servers highly attractive to:

• brute-force attacks
• automated bots
• malicious login attempts
• unauthorized access attempts

Disabling root login significantly improves VPS security.

In this guide,
you will learn how to disable root login on an Ubuntu VPS server step-by-step.

Why Disable Root Login?

Disabling direct root login helps:

• reduce brute-force attacks
• improve SSH security
• protect critical server access
• improve infrastructure hardening
• minimize unauthorized access risks

Most production Linux servers disable direct root SSH access.

How Secure Login Should Work

Instead of logging in as:

root

you should:

• create a normal user
• grant sudo privileges
• login using that user
• use sudo for administrative tasks

This creates an additional security layer.

IMPORTANT WARNING

Before disabling root login:

• create a sudo user first
• verify sudo access works
• test new SSH login
• keep current SSH session active

Incorrect setup may:

lock you out of your VPS server

Always test new user access before disabling root login.

Prerequisites

Before starting,
ensure you have:

• Ubuntu VPS server
• root access
• SSH access enabled

Recommended operating system:

Ubuntu 22.04 LTS

Step 1 — Connect To VPS Server

Connect using SSH.

Command:

ssh root@your-server-ip

Example:

ssh root@192.168.1.10

Step 2 — Create New User

Create a new user account.

Command:

adduser djuser

Replace:

djuser

with your preferred username.

You will be asked to:

• create password
• enter user information

Step 3 — Grant Sudo Privileges

Add user to sudo group.

Command:

usermod -aG sudo djuser

This allows administrative access using:

sudo

Step 4 — Test New User Login

Open NEW terminal window.

Connect using new user.

Command:

ssh djuser@your-server-ip

Example:

ssh djuser@192.168.1.10

Step 5 — Verify Sudo Access

After login,
test sudo privileges.

Command:

sudo apt update

If successful,
sudo access is working properly.

Step 6 — Open SSH Configuration File

Edit SSH configuration.

Command:

nano /etc/ssh/sshd_config

Step 7 — Locate Root Login Setting

Find:

PermitRootLogin yes

or:

#PermitRootLogin yes

Step 8 — Disable Root Login

Change setting to:

PermitRootLogin no

This disables direct root SSH access.

Step 9 — Save Configuration File

Save changes and exit editor.

For Nano editor:

• press CTRL + X
• press Y
• press ENTER

Step 10 — Test SSH Configuration

Test SSH configuration syntax.

Command:

sshd -t

If no errors appear,
configuration is valid.

Step 11 — Restart SSH Service

Restart SSH service.

Command:

systemctl restart ssh

or:

systemctl restart sshd

depending on Ubuntu version.

Step 12 — Verify Root Login Disabled

Open NEW terminal window.

Try connecting as root.

Command:

ssh root@your-server-ip

Access should now fail.

Your normal sudo user should still work properly.

Important SSH Security Recommendations

For stronger VPS security:

• use SSH keys
• change default SSH port
• install Fail2Ban
• configure firewall
• use strong passwords
• monitor authentication logs

Security should always use multiple layers.

Important User Management Commands

Create User

adduser username

Grant Sudo Access

usermod -aG sudo username

Switch User

su - username

Restart SSH Service

systemctl restart ssh

Check SSH Status

systemctl status ssh

Common Errors

Permission Denied Error

Possible causes:

• incorrect password
• missing sudo privileges
• SSH key authentication issues

SSH Service Failed To Restart

Test configuration:

sshd -t

Fix configuration errors before restarting service.

Locked Out Of Server

Possible causes:

• disabled root login before creating sudo user
• incorrect SSH configuration
• firewall issues

Always test access before closing active SSH session.

Why Businesses Disable Root Login

Businesses disable root login because it improves:

• server security
• infrastructure protection
• access control
• compliance readiness
• VPS hardening

Production infrastructure should never rely on unrestricted root SSH access.

Why Choose DJ Technologies VPS Hosting

DJ Technologies Linux VPS hosting provides:

• enterprise virtualization
• advanced infrastructure security
• premium low latency network
• NVMe SSD infrastructure
• scalable cloud resources
• secure VPS environments
• DDoS protection
• 24×7 technical support

Our VPS infrastructure is optimized for:

• secure Linux hosting
• enterprise workloads
• SaaS infrastructure
• business applications
• scalable cloud environments

Final Thoughts

Disabling root login is one of the most important Linux VPS security practices.

By properly configuring:

• sudo users
• SSH security
• authentication hardening
• access controls

you can significantly improve:

• server protection
• VPS security
• infrastructure stability
• attack prevention
• business reliability.