One of the biggest security issues a system administrator can run into on a default Linux system is that it lets anyone attempt to log in directly as root through SSH. When someone wants to hack your server, the first thing the cracker or bot will do is try to brute-force your root account. Since the username does not have to be guessed, that makes the cracker's job a whole lot easier.
That's an issue. Brute-forcing root accounts through SSH is still very popular, and any sysadmin can verify this by checking the logs on a Linux server. This is easy to fix: log in with a separate account and become root on the system itself with sudo or su (whichever you prefer). It's much better to have a separate account that you use regularly and simply sudo to root when necessary. Needless to say, before you configure SSH to disallow root logins, you need a separate account that can log in and use su or sudo.
First, edit the sshd config file:
vi /etc/ssh/sshd_config
Find the line in the file containing "PermitRootLogin" and change it to the following:
PermitRootLogin no
Afterwards, restart the SSH daemon:
/etc/init.d/sshd restart
Your root account can no longer be brute-forced through SSH.
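To confirm the edit took effect, the check below reports which PermitRootLogin value a config file really sets; sshd uses the first value it reads for a keyword, so a leftover earlier line can silently win. This is an added example, not part of the original article: the function names and the sample files are constructed for illustration, and the parser looks only at the global section (it stops at the first Match block and does not follow Include lines).

```shell
#!/bin/sh
# Report the PermitRootLogin value set in the global section of an
# sshd_config-style file. sshd keeps the FIRST value it obtains for a keyword,
# so "PermitRootLogin no" placed after "PermitRootLogin yes" changes nothing.

effective_root_login() {
    # $1 = path to the config file; prints the value, or "unset" if none is set
    awk '
        /^[ \t]*(#|$)/                  { next }   # skip comments and blank lines
        tolower($1) == "match"          { exit }   # global section ends here
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

root_login_disabled() {
    # Succeeds only when the first global setting is exactly "no"
    [ "$(effective_root_login "$1")" = "no" ]
}

# Constructed sample configs (not taken from a real server).
demo_dir=$(mktemp -d)
# Commented default followed by the real setting: the edit is effective.
printf '%s\n' '#PermitRootLogin yes' 'PermitRootLogin no' \
    > "$demo_dir/good.conf"
# An earlier uncommented line shadows the new one: root login stays enabled.
printf '%s\n' 'PermitRootLogin yes' 'PermitRootLogin no' \
    > "$demo_dir/shadowed.conf"
# Setting exists only inside a Match block: the global value is still unset.
printf '%s\n' 'Port 22' 'Match User backup' '    PermitRootLogin no' \
    > "$demo_dir/match_only.conf"

for name in good shadowed match_only; do
    value=$(effective_root_login "$demo_dir/$name.conf")
    if root_login_disabled "$demo_dir/$name.conf"; then
        verdict="OK"
    else
        verdict="root login not disabled"
    fi
    printf '%-12s PermitRootLogin=%-6s %s\n' "$name" "$value" "$verdict"
done
```

On the live host, running `sshd -t` before the restart catches syntax errors in the edited file, and `sshd -T` prints the configuration sshd actually resolves. Keep your current session open until a new login with the separate account has succeeded.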