The root account is the most targeted account on a server. If you do not have a firewall configured on your instance that will mean a user can brute force the password on the root account and possibly gain access to the instance. Every instance should have at minimum a software firewall (Install CSF) or the network firewall enabled. To further increase security, root login is disabled by default on the network. To activate root login on your instance we need to make some changes to the default SSH configuration.

Before proceeding, ensure you have the password for your Instance. It is contained in the welcome email we have sent you. Take note. The username of the instance is always the distribution name. If your instance is installed with CentOS then the username you will use will be centos. For Ubuntu, the username will be ubuntu. If Debian is installed, use debian.

Access The Console

F2H provides two permanent connections to your instance. This is a useful tool to access your server when you are unable to access it from the internet. The NoVNC and Xterm consoles connect to instances over a secure internal connection. Even if your instance is not accessible from the internet, it will always be accessible using these consoles.

First, select your instance from the services list located at https://my.f2h.cloud/clientarea.php?action=services. You will now see the Discovery control panel. Click the NoVNC icon to connect to your instance.

To make the required changes to the SSH configuration and activate root logins, log in using the user account and the password provided in the email you have received. See Server Login Information above for details on this. Once logged in, upgrade to the root user

sudo su -

Create Root Passwd

You are now the root user so next, set a password for the root user using the passwd command.

passwd

Next, in the sshd_config file find the following sections and modify them to reflect the next values;

nano /etc/ssh/sshd_config

Allow Root login

#PermitRootLogin yes >>>>>> PermitRootLogin yes

Allow Password Authentication

#PasswordAuthetication yes >>>>>> PasswordAuthentication yes

NOTE- In some distributions, there are two PasswordAuthetication sections. Remove or comment out the duplicate with a #. There should only be one line saying PasswordAuthetication yes So next, we need to activate the new settings and to do this we simply restart the sshd service.

systemctl restart sshd

Remove The User Account

So, root logins have now been enabled. It’s likely you won’t use the user account now. To ensure the server is secure, remove the user account. Logout of the current session and log back into the instance with the root account then, use the userdel command to remove the user account