SSH how to disable user or root user from login using ssh

 https://www.linuxshelltips.com/disable-ssh-user-login/

Disable SSH Access to User

You can log in to a system using SSH with any user, using the following syntax:

$ ssh tempuser@localhost

SSH User Login

Right now, SSH access is allowed on my machine for all users. Let us now deny access to a particular user called ‘tempuser‘.

Open file ‘/etc/ssh/sshd_config’ in any text editor.

$ sudo vim /etc/ssh/sshd_config

Add the following line at the end of the file:

DenyUsers	tempuser

Important: There is a ‘Tab‘ between ‘DenyUsers‘ and ‘tempuser‘ and not space. It won’t recognize the directive if you add a space.

Disable SSH Login to User

Save and exit the file.

Restart SSH server with the following command:

$ sudo systemctl restart sshd

If you are using a system that does not have SystemD, run:

$ sudo service sshd restart

Now, try logging in to localhost with user ‘tempuser’ using SSH. It should show the error ‘Permission denied’, as displayed below:

$ ssh tempuser@localhost

SSH Permission Denied Error

Disable SSH Root Access

The same way described above can be used to disable login to a root user. However to disable complete root access, i.e., to disable access to all root users, follow the steps given below.

Open the file ‘/etc/ssh/sshd_config’ in any text editor and search for the string ‘PermitRootLogin’. Uncomment the line and if it has any other value, set the value to ‘no’.

PermitRootLogin  no

Disable SSH Root Login

Save and exit the file. Restart SSH with:

$ sudo systemctl restart sshd

Or if you are not having SystemD:

$ sudo service sshd restart

Now try logging in to localhost with user ‘root’. It will also show the error ‘Permission Denied’.

$ ssh root@localhost

SSH Permission Denied Error