Disabling direct root login forces an attacker to obtain two separate passwords (the admin account's and root's) before they can get root on your server over SSH.

First, set up the admin account if you haven't already got one:

#groupadd admin
#useradd -g admin admin

Create a password for the new account.

#passwd admin

On a cPanel system, you can now go into root WHM and add another user to the wheel group, or use your favorite editor to put "admin" in the wheel group by editing /etc/group.

Now, SSH into your server as admin and gain root access by typing:

#su -

Next, use your favorite editor to edit /etc/ssh/sshd_config. Assuming you are using pico, type:

#pico -w /etc/ssh/sshd_config

Find the line:

#Protocol 2,1

Uncomment it and change it to look like:

Protocol 2

Next, find the line:

#PermitRootLogin yes

Uncomment it and make it look like:

PermitRootLogin no

Now, save the file. In pico you would press CTRL+X, then Y, then Enter to save the file.

Restart SSH by issuing this command:

#/etc/rc.d/init.d/sshd restart

And if you want to lock down 'su' as well, you can use 'chmod 750 /bin/su'. Note that this leaves su runnable only by root and by the group that owns /bin/su, so make that group wheel first (chgrp wheel /bin/su) or admin will no longer be able to su to root.
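As an added check (this script is not part of the original post), the following audits an sshd_config for the two directives changed above, treating an unset PermitRootLogin as not hardened; it assumes only POSIX sh and awk and uses constructed sample files for its demo.

```shell
#!/bin/sh
# Added example, not part of the original post: audit an sshd_config for the
# two directives this walkthrough changes. Needs only POSIX sh and awk.

# Print the effective value of KEY in FILE. sshd honours the first uncommented
# occurrence of a keyword (later ones are ignored) and matches keywords
# case-insensitively; settings inside a Match block are conditional, so the
# scan stops there. Prints nothing when the keyword is not set globally.
sshd_directive() {
    awk -v key="$2" '
        /^[[:space:]]*(#|$)/        { next }           # comment or blank line
        tolower($1) == "match"      { exit }           # leaving global scope
        tolower($1) == tolower(key) { print $2; exit } # first match wins
    ' "$1"
}

# Exit 0 only when direct root login is explicitly turned off. An unset
# directive counts as a failure: sshd of this era defaulted it to "yes".
root_login_disabled() {
    [ "$(sshd_directive "$1" PermitRootLogin)" = "no" ]
}

# Exit 0 only when protocol 1 has been dropped, i.e. the value is exactly "2".
protocol1_disabled() {
    [ "$(sshd_directive "$1" Protocol)" = "2" ]
}

# Report both checks for one file; exit status 1 if either fails.
audit_sshd_config() {
    rc=0
    root_login_disabled "$1" && echo "ok:   PermitRootLogin no" \
        || { echo "WARN: PermitRootLogin is not 'no' in $1"; rc=1; }
    protocol1_disabled "$1" && echo "ok:   Protocol 2" \
        || { echo "WARN: Protocol is not exactly '2' in $1"; rc=1; }
    return $rc
}

# Constructed sample files: the stock config before the edit, and the result.
write_samples() {
    printf '#Protocol 2,1\n#PermitRootLogin yes\nPasswordAuthentication yes\n' > "$1"
    printf 'Protocol 2\nPermitRootLogin no\nPasswordAuthentication yes\n' > "$2"
}

# Demo on the samples; on a real host run: audit_sshd_config /etc/ssh/sshd_config
tmp=$(mktemp -d)
write_samples "$tmp/before" "$tmp/after"
audit_sshd_config "$tmp/before" || :   # expected: both WARN
audit_sshd_config "$tmp/after"         # expected: both ok
rm -rf "$tmp"
```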