Details
The recommendation is to edit the /etc/ssh/sshd_config file to disable direct root login. By default direct root login via SSH is enabled.
All root access should be facilitated through a local logon with a unique and identifiable user ID and then via the su command once locally authenticated. Direct root login is extremely insecure and offers little in the way of audit trailing for accountability.
Solution
Edit the /etc/ssh/sshd_config file and disable direct root login for SSH-
vi /etc/ssh/sshd_config
Replace-
#PermitRootLogin yes
With-
PermitRootLogin no
Re-cycle the sshd daemon to pick up the configuration changes-
stopsrc -s sshd
startsrc -s sshd
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.