Following security audits, the security team has rolled out new protocols including the restriction of direct root SSH login.
Task: Your task is to disable SSH root login on all app servers within the Stratos Datacenter. There are three app servers, so the following commands need to be run on each server to complete the challenge.
The servers/usernames:
stapp01.stratos.xfusioncorp.com tony
stapp02.stratos.xfusioncorp.com steve
stapp03.stratos.xfusioncorp.com banner
Commands used:
ssh tony@stapp01.stratos.xfusioncorp.com
sudo -i
ls -lah /etc/ssh
vi /etc/ssh/sshd_config
Once inside the configuration file, the line containing PermitRootLogin needs to be changed from yes to no. As we are using Vim to do this, we use i to insert text, and once completed we use Esc to finish making the changes. We then use :wq to write and quit.
#LoginGraceTime 2m
PermitRootLogin yes <- change this from yes to no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
Restart the service and then check its status with:
systemctl restart sshd
systemctl status sshd
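A scripted version of the edit above, added here as an example and not part of the original write-up. The function names are made up for illustration, and the demo at the bottom runs on a constructed sample file rather than on /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example: make the PermitRootLogin change without an editor and
# read the result back. Function names are hypothetical.

# Print the PermitRootLogin value sshd would take from FILE alone.
# sshd uses the first uncommented occurrence; keywords are case-insensitive.
root_login_setting() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1"
}

# Set PermitRootLogin to "no" in FILE, keeping the original as FILE.bak.
disable_root_login() {
    cfg=$1
    cp -p "$cfg" "$cfg.bak" || return 1
    if [ -n "$(root_login_setting "$cfg")" ]; then
        # Rewrite every active PermitRootLogin line, leave the rest untouched.
        awk 'tolower($1) == "permitrootlogin" { print "PermitRootLogin no"; next }
             { print }' "$cfg.bak" > "$cfg"
    else
        # Only commented out or absent: add it at the top so it is global
        # (not inside a Match block) and is the first value sshd reads.
        { echo 'PermitRootLogin no'; cat "$cfg.bak"; } > "$cfg"
    fi
    [ "$(root_login_setting "$cfg")" = "no" ]
}

# On a server, as root, the equivalent of the manual steps would be:
#   disable_root_login /etc/ssh/sshd_config && sshd -t && systemctl restart sshd
#   sshd -T | grep -i permitrootlogin
# sshd -t rejects a broken config before the restart; sshd -T prints the
# effective value, which also reflects any Include'd files.

# Demo on a constructed sample that mirrors the excerpt above.
sample=$(mktemp)
printf '%s\n' '#LoginGraceTime 2m' 'PermitRootLogin yes' '#StrictModes yes' > "$sample"
echo "before: $(root_login_setting "$sample")"
disable_root_login "$sample" && echo "after:  $(root_login_setting "$sample")"
rm -f "$sample" "$sample.bak"
```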
The root account has unrestricted access, which makes it a prime target for brute-force attacks. Allowing direct root login eliminates accountability, as it's impossible to trace actions back to individual users. It also encourages poor practices by bypassing the safer, more deliberate use of sudo. Disabling root login reduces the attack surface and enforces better user management, auditing, and overall system security. Instead, administrators should log in with a regular user account and escalate privileges using sudo only when necessary.