# SSH root permitted despite "PermitRootLogin no"

## Joseph_sys

When I loged in via ssh on the same network I can access root account even with "PermitRootLogin no"

I have in /etc/ssh/sshd_config

Protocol 2

PermitRootLogin no

AuthorizedKeysFile      .ssh/authorized_keys

RhostsRSAAuthentication no

PasswordAuthentication no

PermitEmptyPasswords no

AllowGroups wheel admin

AllowUsers joseph

UsePAM no

X11Forwarding yes

Subsystem       sftp    /usr/lib/misc/sftp-server

Why?

----------

## n3mo

Did you restarted the sshd daemon after you committed the changes ?

----------

## Joseph_sys

 *n3mo wrote:*   

> Did you restarted the sshd daemon after you committed the changes ?

 

Yes, I restart it sshd and double check the settings; that is why I'm puzzled.

----------

## Joseph_sys

I think I misunderstood the concept.

root login is not permitted but I can login as user and "su" to root.

I was under impression that with the setting "PermitRootLogin no" root long in would not be permitted regardless of user privileges (belong to wheel group).

----------

## LordBug

If you wanted something like that, you'd have to setup SSHD to only allow logins from a specific account(s) that's not part of the wheel group.

----------

## n3mo

PermitRootLogin no, make impossible to someone to ssh into a machine directly with root user.

----------

