Search Knowledge Base Articles

How to Enable Root Access in Ubuntu 24.x

Overview

In Ubuntu 24.x (24.04 LTS), the root account is disabled by default for security reasons. Ubuntu enforces administrative access through the sudo mechanism, which provides better auditing and reduces the risk of accidental or malicious system changes.

This article explains how to enable and disable root access, and outlines security best practices.

Default Root Account Behavior

  • The root user exists but is locked

  • Direct login as root is not permitted

  • Administrative privileges are granted via sudo

To check the current status:

sudo passwd -S root

If the output shows:

root L

the root account is locked.

Enabling Root Access

To enable the root account, assign a password:

sudo passwd root

Once a password is set, the root account becomes active.

Switching to Root User

After enabling root, you may switch to the root shell:

su -

Enter the root password when prompted.

Enabling Root Login via SSH (Not Recommended)

Allowing root login over SSH significantly increases security risks and should only be done in controlled environments.

  1. Edit the SSH configuration file:

sudo nano /etc/ssh/sshd_config

  1. Locate or add the following directive:

PermitRootLogin yes

More secure alternatives:

PermitRootLogin prohibit-password PermitRootLogin without-password

  1. Restart the SSH service:

sudo systemctl restart ssh

Security Considerations

Enabling direct root access has the following implications:

  • No per-command audit trail

  • Higher risk if credentials are compromised

  • Increased exposure to brute-force attacks

Security recommendations:

  • Use strong and unique passwords

  • Prefer SSH key-based authentication

  • Restrict SSH access by IP address

  • Use firewall rules and intrusion prevention tools (e.g., Fail2Ban)

  • Disable root login when not required

Disabling Root Access

To disable root access again, lock the root account:

sudo passwd -l root

This immediately prevents direct root login.

Best Practices Summary

Practice Recommended
Use sudo for administration ✅ Yes
Enable root account ⚠️ Only if required
Allow root SSH login ❌ Avoid
SSH key authentication ✅ Yes
Logging and monitoring ✅ Required

Conclusion

Direct root access in Ubuntu 24.x should be enabled only when absolutely necessary. For most administrative tasks, sudoprovides a safer and auditable alternative. Always follow system hardening best practices when modifying authentication behavior.

Did you find this article useful?