Prevent Users from Logging in as Root Directly
Administrator users must never log in directly as root. To assure individual accountability and prevent unauthorized access, logging in as root over a remote connection must be disabled. Administrators should only run commands as root after first authenticating with their individual user names and passwords.
[Permit/Prevent]
To check if SSH has root logins enabled, run the following command:
sudo grep ^PermitRootLogin /etc/sshd_config
If there is no result, or the result is set to 'yes', this is a finding.
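The check above can be scripted. The following is an added example, not part of the original definition; the function name check_root_login is hypothetical. It applies the same criterion (not set, or set to 'yes', is a finding) and also accounts for sshd_config parsing rules the plain grep does not see: keywords are case-insensitive, lines may be indented, the first value obtained wins, and settings inside a Match block are conditional rather than global.

```shell
#!/bin/sh
# Added example: audit an sshd_config file for the PermitRootLogin rule.
# check_root_login is a hypothetical helper name, not part of any tool.
# Returns 0 = ok, 1 = finding, 2 = file could not be read.
check_root_login() {
    cfg=$1
    [ -r "$cfg" ] || { echo "error: cannot read $cfg" >&2; return 2; }
    value=$(awk '
        # Normalise: drop leading whitespace, accept "Keyword=value" form.
        { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }
        /^#/ || /^$/ { next }              # skip comments and blank lines
        tolower($1) == "match" { exit }    # global section ends at first Match
        tolower($1) == "permitrootlogin" { # first value obtained wins
            v = $2; gsub(/"/, "", v); print v; exit
        }
    ' "$cfg")
    case $value in
        "")  echo "finding: PermitRootLogin is not set globally"; return 1 ;;
        yes) echo "finding: PermitRootLogin is set to yes";       return 1 ;;
        *)   echo "ok: PermitRootLogin $value";                   return 0 ;;
    esac
}

# Constructed sample: the only uncommented setting sits inside a Match
# block, so the global value is unset and the check reports a finding.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# PermitRootLogin no
Port 22
Match User admin
    PermitRootLogin no
EOF
check_root_login "$sample" || true
rm -f "$sample"
```

On a live system, pass the path used in the check above: `sudo sh -c '. ./check.sh; check_root_login /etc/sshd_config'`, where check.sh is an assumed file name for this script.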
oval:org.secpod.oval:def:25106
SCAP Repo OVAL Definition
2015-06-12