nerdexam
CompTIA

XK0-004 · Question #454

A systems administrator needs to prevent the root account from being used to log in to a Linux server via SSH. Which of the following configuration ies does the systems administrator need to edit to p

The correct answer is B. /etc/sshd/config. The SSH daemon configuration file controls server-side SSH behavior, including whether the root account is permitted to log in.

Security

Question

A systems administrator needs to prevent the root account from being used to log in to a Linux server via SSH. Which of the following configuration ies does the systems administrator need to edit to perform this task?

Options

  • A/etc/passwd
  • B/etc/sshd/config
  • C-/.ssh/config
  • D/etc/ayaconfig/sshd

How the community answered

(31 responses)
  • B
    94% (29)
  • C
    3% (1)
  • D
    3% (1)

Why each option

The SSH daemon configuration file controls server-side SSH behavior, including whether the root account is permitted to log in.

A/etc/passwd

/etc/passwd stores local user account metadata such as usernames, UIDs, GIDs, and home directories, but does not contain any SSH access controls.

B/etc/sshd/configCorrect

The SSH daemon configuration file (standardly located at /etc/ssh/sshd_config) contains the PermitRootLogin directive that governs root access over SSH. Setting 'PermitRootLogin no' in this file and restarting the sshd service effectively blocks root from authenticating via SSH, which is a critical security hardening step.

C-/.ssh/config

~/.ssh/config is the per-user SSH client configuration file that controls outbound SSH connections initiated by that user, not server-side authentication policy.

D/etc/ayaconfig/sshd

/etc/ayaconfig/sshd is not a valid or standard path on Linux systems - SSH daemon configuration is not stored in this location.

Concept tested: SSH daemon PermitRootLogin configuration in sshd_config

Source: https://man7.org/linux/man-pages/man5/sshd_config.5.html

Topics

#SSH hardening#root login#sshd_config#access control

Community Discussion

No community discussion yet for this question.

Full XK0-004 Practice