you normally should disable root login via sshd for security reasons. So no one can get access directly to root and login with highest privileges
But in some cases root access is needed from management Machines or others.
With the following changes in the sshd_config it should work.
Setup:
open the file /etc/ssh/sshd_config and remove the Line “PermitRootLogin”
$ sed -i 's/^PermitRootLogin/#PermitRootLogin/g' /etc/ssh/sshd_config
this will render the default Setting of PermitRootLogin ineffective.
Now we add the block for the access from specific machines
open file for write:
$ vim /etc/ssh/sshd_config
now copy and paste the following into the config file:
Match Address 127.0.0.1,::1,192.168.1.10
PermitRootLogin yes
Match all
PermitRootLogin no
Adding this to the configuration will allow root login from
- localhost (IPv4)
- localhost (IPv6)
- host 192.168.1.10
From all others (Match all) the access will be denied