How to enable root user on AWS ec2 Ubuntu Linux instance

Where necessary, you may need to have access to a VPS server so you can follow how to implement the steps in this article.  You can get a cheaper VPS Server from Contabo with 4vCPU cores, 8GM RAM, and 32TB Bandwidth for less than $5.50 per month. Get this deal here now

Table of Contents

Cloud VPS S

$5.50 Monthly
  • 4 vCPU Cores | 8GB RAM


$15.50 Monthly
  • 6 vCPU Cores | 16GB RAM


$17.50 Monthly
  • 8 vCPU Cores | 24GB RAM

If you’re familiar with AWS Linux instances you will realize that the root user is by default disabled. Also, if you installed ubuntu as your choice AMI or Amazon Machine Image, a sudo user called ubuntu is by default created to enable you remotely ssh into your server. Now, this default user doesn’t have full privileges over the entire system like having access to the root user’s home directory. And there are certain scripts you will run as a sudo user but they will end up generating the files you need for configurations in the root home directory.

So, to access these files, you will either need to have root login privileges or use the su -i command to switch. But as we know it, this command requires a root password which you don’t have when you deploy a Linux instance on AWS. For beginners, we use SSH keys to have remote login access to the server.

So, how do you solve this problem?

Open the sshd configuration file

In a situation where you may need to have access to your root directory, /root, you could be entailed to enable the root user login on the system. We can achieve this by using the default sudo user ssh profile to edit the sshd-config file which is located under the following directory path; /etc/ssh/sshd_config

RECOMMENDED READING: How to use the apt command in Linux | Syntaxes & Examples

Use Nano editor

In this article, we will use the nano editor to edit our system’s sshd_config file by running the following command on the ssh terminal;

sudo nano /etc/ssh/sshd_config

Find or Add the ‘PermitRootLogin yes’ line

By running the above command, the SSH configuration file will open, and then you will have to either find or add the following line inside the SSH configuration file;

PermitRootLogin yes

Since we’re using nano as the code editor here, we need to exit by pressing CTRL + X. And then you will be prompted to select y meaning, yes save changes or n meaning, no to changes. Obviously will need to select Y so that the changes you made reflect on the SSH configuration file.

RECOMMENDED READING: A beginner’s Guide to understanding SSH | Learn from A-Z

Open & Edit ‘authorized_keys’ file

The other thing is to open the authorized_keys file, which is found under the following path;/root/.ssh/authorized_keys . And in the same way, we will use the nano as our choice editor, or anything of that sort. to edit this file. We can use the following command on the terminal to get there;

sudo nano /root/.ssh/authorized_keys

Now that the authorized_keys file is open, we need to remove or delete the following string line from this file;

no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"ubuntu\" rather than the user \"root\".';echo;sleep 10"

Restart SSH Daemon

Finally, Let’s restart the ssh daemon by running the following command;

sudo systemctl restart sshd

RECOMMENDED READING: How to easily Create and Add Users in Linux

Log out & Reconnect as ‘root’

Then, we need to log out from the current SSH session so we can reconnect using the root user. So, to connect as root, we will use the same private key and replace the user, ubuntu with the user, root on our SSH Terminal. See the example SSH command to achieve this below;

ssh -i "private_Key.pem" root@IP_Address

Alternatively, instead of using your instance’s Public IP Address, you can also use the public DNS name automatically assigned to that instance by AWS. And this example SSH command can help you to connect as root using the public DNS name of your instance;

ssh -i /path/key-pair-name.pem root@instance-public-dns-name

More related articles to explore

Hire us to handle what you want

Hire us through our Fiverr Profile and leave all the complicated & technical stuff to us. Here are some of the things we can do for you:

  • Website migration, troubleshooting, and maintenance.
  • Server & application deployment, scaling, troubleshooting, and maintenance
  • Deployment of Kubernetes, Docker, Cloudron, Ant Media, Apache, Nginx,  OpenVPN, cPanel, WHMCS, WordPress, and more
  • Everything you need on AWS, IBM Cloud, GCP, Azure, Oracle Cloud, Alibaba Cloud, Linode, Contabo, DigitalOcean, Ionos, Vultr, GoDaddy, HostGator, Namecheap, DreamHost, and more.

We will design, configure, deploy, or troubleshoot anything you want. Starting from $10, we will get your job done in the shortest time possible. Your payment is safe with Fiverr as we will only be paid once your project is completed.