i saw in the sshd_config file that root login is disabled for reasons i couldn’t understand.
now, there are cases where i need to transfer files from my machine to the server through sftp/filezilla and that would require a root access because i need to reach the directory /var/www/ .
is it safe and/or the best move to turn root login on for this reason only?
what are the potential risks i might encounter in the future?
Root is disabled on public internet ip, if you are on a local network you should be able to login with root with the local ip of your server (generally yunohost.local could be use).
I’m running Yunohost 11.0.11 which I installed a couple of weeks ago.
I’m curious about the discussion here, because root login is not disabled on my server. I was even able to SSH to the server as root on a WAN interface.
I don’t actually mind that it is so, since I’ve now disabled password login over SSH. But root is not disabled and su + the admin password for Yunohost gives me a root shell. So it seems admin and root share the same password.
I wonder if that was perhaps a quirk of that version?
Root login is enabled on the local network, see the comment at the end of /etc/ssh/sshd_config
Yes, that’s the expected behavior, though since 11.1 is released, we advise to get rid of the legacy admin user and user regular users instead, member of the “admins” group.