Information
The recommendation is to edit the /etc/ssh/sshd_config file to disable direct root login. By default direct root login via SSH is enabled.
All root access should be facilitated through a local logon with a unique and identifiable user ID and then via the su command once locally authenticated. Direct root login is extremely insecure and offers little in the way of audit trailing for accountability.
Solution
Edit the /etc/ssh/sshd_config file and disable direct root login for SSH-
vi /etc/ssh/sshd_config
Replace-
#PermitRootLogin yes
With-
PermitRootLogin no
Re-cycle the sshd daemon to pick up the configuration changes-
stopsrc -s sshd
startsrc -s sshd