I just do not know what is wrong in your case. I do not normally allow root login on my 16.04 test server (or any) computer, so I enabled it just to test this:
also testing that I could disable it again:
Code:
$ sudo passwd -dl root
With this in sshd_config:
Code:
# Authentication:
LoginGraceTime 120
#PermitRootLogin prohibit-password
PermitRootLogin no
StrictModes yes
I could not login as root, but with this:
Code:
# Authentication:
LoginGraceTime 120
#PermitRootLogin prohibit-password
PermitRootLogin yes
StrictModes yes
I could.
Here is the related area of my /var/log/auth.log file:
Code:
Dec 14 08:43:05 s15 sudo: doug : TTY=pts/1 ; PWD=/home/doug/config/etc/ssh ; USER=root ; COMMAND=/bin/cp sshd_config /etc/ssh/sshd_config
Dec 14 08:43:05 s15 sudo: pam_unix(sudo:session): session opened for user root by doug(uid=0)
Dec 14 08:43:05 s15 sudo: pam_unix(sudo:session): session closed for user root
Dec 14 08:43:09 s15 sudo: doug : TTY=pts/1 ; PWD=/home/doug/config/etc/ssh ; USER=root ; COMMAND=/bin/systemctl restart sshd.service
Dec 14 08:43:09 s15 sudo: pam_unix(sudo:session): session opened for user root by doug(uid=0)
Dec 14 08:43:09 s15 sshd[6696]: Received signal 15; terminating.
Dec 14 08:43:09 s15 sshd[7013]: Server listening on 0.0.0.0 port 22.
Dec 14 08:43:09 s15 sudo: pam_unix(sudo:session): session closed for user root
Dec 14 08:43:22 s15 sshd[7032]: Accepted password for root from 192.168.111.101 port 55705 ssh2
Dec 14 08:43:22 s15 sshd[7032]: pam_unix(sshd:session): session opened for user root by (uid=0)
Dec 14 08:43:23 s15 systemd-logind[1056]: New session 14 of user root.
Dec 14 08:43:23 s15 systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0)
Dec 14 08:43:41 s15 sshd[7032]: pam_unix(sshd:session): session closed for user root
Dec 14 08:43:41 s15 systemd-logind[1056]: Removed session 14.
Dec 14 08:43:41 s15 systemd: pam_unix(systemd-user:session): session closed for user root
Dec 14 08:44:03 s15 sudo: doug : TTY=pts/1 ; PWD=/home/doug/config/etc/ssh ; USER=root ; COMMAND=/bin/cp sshd_config /etc/ssh/sshd_config
Dec 14 08:44:03 s15 sudo: pam_unix(sudo:session): session opened for user root by doug(uid=0)
Dec 14 08:44:03 s15 sudo: pam_unix(sudo:session): session closed for user root
Dec 14 08:44:20 s15 sudo: doug : TTY=pts/1 ; PWD=/home/doug/config/etc/ssh ; USER=root ; COMMAND=/bin/systemctl restart sshd.service
Dec 14 08:44:20 s15 sudo: pam_unix(sudo:session): session opened for user root by doug(uid=0)
Dec 14 08:44:20 s15 sshd[7013]: Received signal 15; terminating.
Dec 14 08:44:20 s15 sshd[7171]: Server listening on 0.0.0.0 port 22.
Dec 14 08:44:20 s15 sudo: pam_unix(sudo:session): session closed for user root
Dec 14 08:44:42 s15 sshd[7191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.111.101 user=root
Dec 14 08:44:45 s15 sshd[7191]: Failed password for root from 192.168.111.101 port 55714 ssh2
Dec 14 08:44:58 s15 sshd[7191]: Failed password for root from 192.168.111.101 port 55714 ssh2
Dec 14 08:44:58 s15 sshd[7191]: error: maximum authentication attempts exceeded for root from 192.168.111.101 port 55714 ssh2 [preauth]
Dec 14 08:44:58 s15 sshd[7191]: Disconnecting: Too many authentication failures [preauth]
Dec 14 08:44:58 s15 sshd[7191]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.111.101 user=root
I realize there is no value added in this reply, other than to say it works as expected for me.
Bookmarks