Disabling direct root login is one of the most important security steps after deploying an Ubuntu server. It reduces exposure to brute-force attacks and blocks unauthorized logins that target the root account.
Most administrators secure their Linux VPS servers by creating a sudo user and disabling root SSH access immediately after installation.
Step 1: Connect to the Ubuntu Server
Access the server using SSH:
ssh root@your_server_ip
Step 2: Create a New Sudo User
Create a new user account:
adduser newusername
Add the user to the sudo group:
usermod -aG sudo newusername
Verify sudo access before disabling root login.
Step 3: Test the New User Login
Open a new terminal session and connect using the new account:
ssh newusername@your_server_ip
Test sudo permissions:
sudo apt update
Do not continue until the new user works correctly.
Step 4: Open the SSH Configuration File
Edit the SSH daemon configuration:
nano /etc/ssh/sshd_config
Locate this line:
#PermitRootLogin prohibit-password
Change it to:
PermitRootLogin no
Step 5: Save the Configuration
Save and exit Nano:
CTRL + X, then Y, then ENTER
Step 6: Restart the SSH Service
Apply the new SSH configuration:
systemctl restart ssh
On some Ubuntu systems, the service may be named sshd instead:
systemctl restart sshd
Step 7: Verify Root Login Is Disabled
Try connecting as root again:
ssh root@your_server_ip
The login attempt should now be denied.
For additional SSH protection, many administrators also change the default SSH port on Ubuntu to reduce automated attack attempts.
Step 8: Check SSH Service Status
Verify that the SSH service is running correctly:
systemctl status ssh
Disabling root login significantly improves Ubuntu 26.04 server security by forcing administrators to authenticate through standard user accounts with controlled sudo privileges.
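Added example, not part of the original guide: when sshd_config starts with an Include line for /etc/ssh/sshd_config.d/*.conf, sshd reads those drop-in files first and keeps the first value it sees for each keyword, so the Step 4 edit can be silently overridden. The sketch below resolves the value that wins in the global section; the function names, the PREFIX argument and the drop-in 50-constructed.conf are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: find the PermitRootLogin value in the global section of an
# sshd config, following Include lines. sshd keeps the FIRST value it reads.

# effective_permit_root_login CONFIG [PREFIX]
# PREFIX (assumption, for offline use) is prepended to Include paths so a
# constructed tree can stand in for the real /etc/ssh.
effective_permit_root_login() (   # subshell body keeps variables local
    file=$1 prefix=${2:-}
    [ -r "$file" ] || return 1
    set -f                                    # no globbing while splitting
    while IFS= read -r line || [ -n "$line" ]; do
        set -- ${line%%#*}                    # drop comments, split words
        [ $# -gt 0 ] || continue
        key=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]'); shift
        case $key in
            match) break ;;                   # stop at the first Match block
            permitrootlogin) printf '%s\n' "$1"; return 0 ;;
            include)
                for pattern in "$@"; do
                    case $pattern in
                        /*) pattern=$prefix$pattern ;;
                        *)  pattern=$prefix/etc/ssh/$pattern ;;
                    esac
                    set +f                    # let the Include glob expand
                    for inc in $pattern; do   # matches come in lexical order
                        set -f
                        [ -f "$inc" ] || continue
                        value=$(effective_permit_root_login "$inc" "$prefix") &&
                            { printf '%s\n' "$value"; return 0; }
                    done
                    set -f
                done ;;
        esac
    done <"$file"
    return 1                                  # keyword not set in this file
)

# Constructed sample: Include at the top of sshd_config, the Step 4 edit
# below it, and a hypothetical drop-in that still allows root login.
make_sample_tree() (
    root=$(mktemp -d) && mkdir -p "$root/etc/ssh/sshd_config.d" || return 1
    printf '%s\n' 'Include /etc/ssh/sshd_config.d/*.conf' \
        '#PermitRootLogin prohibit-password' 'PermitRootLogin no' \
        >"$root/etc/ssh/sshd_config"
    printf '%s\n' 'PermitRootLogin yes' \
        >"$root/etc/ssh/sshd_config.d/50-constructed.conf"
    printf '%s\n' "$root"
)
```

On a live server, sudo sshd -t checks the configuration for syntax errors before the restart in Step 6, and sudo sshd -T | grep -i permitrootlogin prints the value the daemon will actually apply.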
