You can set or change your root user password under the USERS tab for a server. However, before you do that, there are some things to note about passwords and root users:
***For most server providers, if you do not set a password for your root user and you are locked out, you will NOT be able to regain access to your server and there is nothing we can do about it!***
Below is some information about the default configuration for server providers.
These providers have effectively set the PermitRootLogin config option in etc/ssh/sshd_config to prohibit-password.
You should consider overriding this option and setting a password for these servers. This will allow you to recover if you lock yourself out of the server and need to use the providers’ recovery console.
If you do override this option and set a password for root consider installing the fail2ban utility to throttle the bots that will be attempting to log into your server.
If you do not want to allow root logins with passwords, you should disable the the root password authentication capability for servers from these providers.
If you leave it enabled then consider installing the fail2ban utility on them.
This means that if you ever lock yourself out of your server you will always have a way to get back in – if you can login to the providers’ dashboard.
Try not to lock yourself out of these servers because you have no options to get back into them!
You can disable password authentication on SSH logins for the root or primary SUDO user. To do this:
As mentioned earlier in this document, certain server providers already disable SSH password authentication for the root user.
The most secure configuration for your server is to completely disable passwords for root users and use ssh keys for root/sudo logins.
But, we know that s*it happens. And since many of our customers are new to managing servers we do want to provide some options for recovering when bad stuff accidentally happens.
Changing root user passwords from the UI is available in WPCD V 4.6.0 or later. For prior versions you must log in via ssh and change it from the command line.