How to Enable Root Login on AWS EC2 (And Why You Usually Shouldn’t)

Learn how to enable root login on AWS EC2 and why it’s safer to use sudo and SSH keys instead.

By default, AWS EC2 and Google Cloud instances disable root login and password authentication for security reasons. This guide shows how to enable root login on AWS EC2, but more importantly, explains when you should avoid it and use safer alternatives instead.

Why Root Login Is Disabled on AWS and GCP

Cloud providers disable root login by default because it is a major security risk. Instead, they give you a standard user like ubuntu or ec2-user and require you to use sudo.

This approach:

• Prevents brute-force attacks on root
• Forces safer privilege escalation
• Reduces accidental system damage

This is considered best practice across modern infrastructure.

Should You Enable Root Login?

In most cases, no.

You should avoid enabling root login if:

• Your server is publicly accessible
• You are running production workloads
• You can use sudo instead

However, there are limited cases where it might be useful:

• Temporary debugging
• Certain automation workflows
• Legacy setups that require root access

VPSFix recommendation:

Do not enable root login unless you fully understand the risks.

Step 1: Switch to Root User

Log in using your default user and then switch to root:

    sudo -i

Step 2: Edit SSH Configuration

Open the SSH config file:

    nano /etc/ssh/sshd_config

Find:

    PermitRootLogin

Change it to:

    PermitRootLogin yes

Step 3: Enable Password Authentication (Optional)

Search for:

    PasswordAuthentication no

Change it to:

    PasswordAuthentication yes

⚠️ Enabling password login increases security risk significantly.

Step 4: Restart SSH Service

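Apply changes (the service is named ssh on Ubuntu and Debian; on Amazon Linux and other RHEL-family images it is sshd):

    sudo systemctl restart ssh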

Step 5: Set a Root Password

Still in the root shell from Step 1, set a password for root:

    passwd

You can now log in as root over SSH (if enabled) or through the Virtualmin URL.
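
A check worth running after editing the file, as an added example that is not part of the original article: sshd keeps the first value it reads for each keyword, so a drop-in file read before your edit can override it. The function names and sample file names are hypothetical, and the script simplifies by skipping Match blocks and looking only at these two keywords.

```bash
#!/usr/bin/env bash
# Added example (not from the original article): audit which PermitRootLogin /
# PasswordAuthentication values are actually in effect.
# sshd keeps the FIRST value it reads for a keyword, so list the files in the
# order sshd reads them (drop-ins pulled in by an Include line at the top of
# sshd_config come before the rest of that file).

sshd_effective() {  # usage: sshd_effective KEYWORD DEFAULT FILE...
  local key=$1 default=$2; shift 2
  awk -v key="$key" -v def="$default" '
    FNR == 1 { in_match = 0 }               # new file: back to global scope
    { sub(/#.*/, "") }                      # drop comments
    tolower($1) == "match" { in_match = 1 } # simplification: skip Match blocks
    in_match { next }
    tolower($1) == tolower(key) && NF >= 2 { print tolower($2); found = 1; exit }
    END { if (!found) print def }
  ' "$@"
}

sshd_root_verdict() {  # usage: sshd_root_verdict FILE...
  local root pass
  # Fallbacks are OpenSSH's built-in defaults when a keyword is never set.
  root=$(sshd_effective PermitRootLogin prohibit-password "$@")
  pass=$(sshd_effective PasswordAuthentication yes "$@")
  case "$root:$pass" in
    no:*)    echo "root-disabled" ;;
    yes:yes) echo "root-password-login" ;;
    *)       echo "root-keys-only" ;;
  esac
}

# Constructed sample files (hypothetical names), written to a temp directory.
SAMPLE=$(mktemp -d)
printf '%s\n' 'PasswordAuthentication no' > "$SAMPLE/50-dropin.conf"
printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin yes' \
  'PasswordAuthentication yes' > "$SAMPLE/sshd_config"

# Main file alone looks wide open; with the drop-in read first it is not.
sshd_root_verdict "$SAMPLE/sshd_config"
sshd_root_verdict "$SAMPLE/50-dropin.conf" "$SAMPLE/sshd_config"
```

On a live host, `sshd -T` prints the fully resolved configuration and `sshd -t` checks the syntax before you restart the service.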

Why This Is Risky

Enabling root login with password authentication exposes your server to:

• Brute-force attacks
• Unauthorized access attempts
• Full system compromise if breached

Even strong passwords are not enough protection.

Safer Alternative (Recommended)

Instead of enabling root:

• Use a sudo user
• Disable root SSH login
• Use SSH key authentication
• Limit access with firewall rules

This setup is both secure and practical.

Conclusion

While it is possible to enable root login on AWS EC2, it is rarely the right choice. Cloud providers disable it by default for a reason. Using a sudo-based workflow with SSH key authentication gives you the same control with much better security.

If you’re unsure how to manage root access safely, start with the recommended approach in the guide: How to Safely Use the Root User on a VPS.

Tharindu

Hey!! I'm Tharindu. I'm from Sri Lanka. I'm a part time freelancer and this is my blog where I write about everything I think might be useful to readers. If you read a tutorial here and want to hire me, contact me here.
