Disable root on ssh but not on winscp
 

Hi
Ive just disabled root login on ssh by doing the following:
set "PermitRootLogin no" in /etc/ssh/sshd_config

The result was what I wanted, however I can not use winscp to login as root now, is there a workaround that allows me to forbid root access to ssh but still allow root access to winscp

Thx for your suggestions

It is possible to restrict SSH access for a user while still allowing WinSCP.

WinSCP would have to be set to use SFTP only, and the /etc/passwd file would have to have the shell set to be /usr/libexec/sftp-server (or whatever the path to the binary is).

For root, this wouldn't be too wise, as you would not be able to login at the terminal either!

Well ..yes of course..it would not be a good idea to change the shell path of root...but still thanks for the clarification...what about setting an account that is not root...but still has global access to all the functions that winscp is able to do..like creating folders in the /root/ folder

Why not just do the standard thing and use winscp to log in as a non-root user? Copy your file to a non-root home directory then use an ssh session to move the file to where you want it. If you turn off root login, then root login is off.

If you can run winscp from the command line, you can script this, viz:
This is a segment from a script I use to remotely wipe/reinstall Linux systems. It downloads a script to the server then executes it as root to extract user credentials from the system I am preparing to wipe. Actually, I developed a big chunk of this using cygwin on WinXP.