From b96ec881d1f6f8218829492fa89a1e5943e7b876 Mon Sep 17 00:00:00 2001
From: stresler <stresler@users.noreply.github.com>
Date: Sun, 15 Mar 2015 13:02:50 -0400
Subject: [PATCH] Shut down password ssh access for root

Currently it seems that the only protection against ssh root logins is that no password is set. If a user unintentionally sets a root password, assuming that you can't login as root, they inadvertently open themselves up to a dictionary attack.
---
 configs/sshd_config | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/configs/sshd_config b/configs/sshd_config
index 0a81dd7..d649195 100644
--- a/configs/sshd_config
+++ b/configs/sshd_config
@@ -3,3 +3,5 @@ UsePrivilegeSeparation sandbox
 Subsystem sftp internal-sftp
 ClientAliveInterval 180
 UseDNS no
+PasswordAuthentication no
+PermitRootLogin no