
Author Topic: [HOW TO] SU to Root and Disable Root Login through SSH  (Read 2077 times)

adb22791

[HOW TO] SU to Root and Disable Root Login through SSH
« on: October 02, 2005, 11:54:37 AM »
Firstly, you should NEVER log in directly as root. The root user is all-powerful and can do anything to the system. It is VERY bad if somebody gains access to your server's/desktop's root account. This how-to covers logging in as root with su, and how to disable direct root login through SSH, which can be a serious issue.

Disclaimer: I cannot be held responsible for anything that happens to your system while following this guide. This guide has worked on all the Linux systems I have tried it on so far. This guide works on all RedHat distros; it has not been tested on anything else.
-----------------------------------------------------------------------------------------

Part I: To "SU" to root:
  1. Open up a command console or SSH window
  2. Log in as a normal user
  3. Type the following:
Code:
su root
  4. You will then be prompted for your root password. Enter it.

You will now be logged in as root. For most system tasks you will not need to be logged in as root. Usually you only need to be logged in as root to:
  • Run updates
  • Check logs
  • Create new users and delete old users
  • Change user passwords


Most everything else can be accomplished by logging in as the normal user.

-----------------------------------------------------------------------------------------

Part II: Disabling Direct Root Login through SSH
Before you attempt this, you should know how to use vi. If you do not, you can mess up your sshd configuration file, which will leave you unable to log in through SSH again.

  1. Log in to your server through SSH as your normal Linux user
  2. Log in as root through su
  3. Type the following into your SSH window:
Code:
vi /etc/ssh/sshd_config
NOTE: Be careful while you're in this file. Changing the wrong thing could disable your SSH daemon, making it impossible to do a remote login again.

In this next part, we will be forcing the use of Protocol 2. Protocol 2 is a newer, better SSH protocol. Make sure your SSH client will work with Protocol 2. If you are unsure, you may skip this section.
  4. Find the line that says:
Code:
#Protocol 2,1
  5. Uncomment it (remove the # from in front of it) and change it to say:
Code:
Protocol 2
  6. Now find the line that says:
Code:
#PermitRootLogin yes
  7. Uncomment that one, and change it to say:
Code:
PermitRootLogin no
  8. Then save the file and exit. Now type
Code:
/etc/rc.d/init.d/sshd restart
This will restart SSH.

A few things of note...
  1. If you are using cPanel, then make sure you add your user to the SU Wheel group.
  2. If you are having problems doing things (like running the adduser command) when you su to root, try this:

Instead of
Code:
su root
try
Code:
su -l root
Typing "-l" starts a login shell, which inherits the execute paths for the root user. Using the adduser example, typing "su root" will not inherit the execute path /usr/sbin/adduser, while typing "su -l root" will.

Please post comments!
Thanks,
« Last Edit: August 09, 2007, 06:06:22 PM by dynaweb »
-Alex
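
A check to run on the edited file before restarting sshd, since a wrong change in Part II can lock you out of remote login. This is an added example, not part of the original post; the function names and the sample file contents are constructed for illustration, and it reads only global settings (it stops at the first Match block).

```shell
#!/bin/sh
# Added example (not from the original post): audit sshd_config after Part II.

# Print the effective global value of KEYWORD ($2) in FILE ($1).
# sshd uses the first uncommented occurrence and keywords are case-insensitive.
# Parsing stops at the first Match block, whose settings are conditional.
effective_setting() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match"   { exit }
        tolower($1) == key       { print tolower($2); exit }
    ' "$1"
}

# Return 0 only if root login is explicitly "no" and protocol 1 is not enabled.
audit_sshd_config() {
    rc=0
    root=$(effective_setting "$1" PermitRootLogin)
    proto=$(effective_setting "$1" Protocol)
    if [ "$root" != "no" ]; then
        echo "FAIL: PermitRootLogin is '${root:-not set, built-in default applies}'"
        rc=1
    fi
    case ",$proto," in
        *,1,*) echo "FAIL: Protocol '$proto' still allows protocol 1"; rc=1 ;;
    esac
    if [ "$rc" -eq 0 ]; then echo "OK: direct root login is disabled in $1"; fi
    return "$rc"
}

# Constructed sample: both lines still commented out, as before the edit.
sample_before() { printf '%s\n' '#Protocol 2,1' '#PermitRootLogin yes'; }
# Constructed sample: the same lines after the edits in Part II.
sample_after()  { printf '%s\n' 'Protocol 2' 'PermitRootLogin no'; }

demo() {
    tmp=$(mktemp)
    sample_before > "$tmp"; audit_sshd_config "$tmp" || echo "-> edit not applied yet"
    sample_after  > "$tmp"; audit_sshd_config "$tmp"
    rm -f "$tmp"
}
demo
```

Run `audit_sshd_config /etc/ssh/sshd_config` as root before the restart; `sshd -t` additionally checks the file for syntax errors. Keep your current SSH session open until a second login as your normal user succeeds.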

 
