Connect to Linux VMs as the root user

Linux

This document describes how to connect to Linux virtual machine (VM) instancesas the root user, which enables superuser privileges on the VM. By default,Compute Engine VMs built frompublic imagesand most common operating systems don't allow root login with a password overSSH.

An alternative to connecting to VMs as the root user is to run commands throughsudo, which we recommend instead of enabling root login.

Supported operating systems

These connection methods are supported for allpublic Linux images that are available onCompute Engine. For Fedora CoreOS images, you mustset up SSH access before you can use these methods.

Enable root login

Note: We recommend running commands throughsudo instead of enabling rootlogin.

By default, Compute Engine VMs, set thePermitRootLogin parameter toprohibit-password orno in the/etc/ssh/sshd_config SSH configurationfile. Enable root login by following the instructions for your VM:

OS Login VMs

Enable root login by doing the following:

Create an SSH key. Copy thepublic SSH key for later.
Connect to the VM asyou usually do.
ChangePermitRootLogin no toPermitRootLogin prohibit-password in the/etc/ssh/sshd_config file, by running the following command:
```
sudo sed -i 's/PermitRootLogin no/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
```
Create the/root/.ssh directory using the following command:
```
sudo mkdir /root/.ssh
```
Set permissions on the.ssh directory, by running the following command:
```
sudo chmod 700 /root/.ssh
```
Create theauthorized_keys file by running the followingcommand:
```
sudo touch /root/.ssh/authorized_keys
```
Set permissions on theauthorized_keys file, by running the followingcommand:
```
sudo chmod 600 /root/.ssh/authorized_keys
```
Paste the public SSH key into the/root/.ssh/authorized_keys file.
Restart thesshd daemon by restarting the VM, or running the restartcommand for your VM's operating system. Wait for the VM to reboot, thenconnect as the root user.

Non-OS Login VMs

Enable root login by doing the following:

Connect to the VM asyou usually do.
ChangePermitRootLogin no toPermitRootLogin prohibit-password in the/etc/ssh/sshd_config file, by running the following command:
```
sudo sed -i 's/PermitRootLogin no/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
```
Restart thesshd daemon by restarting the VM, or running the restartcommand for your VM's operating system. Wait for the VM to reboot, thenconnect as the root user.

Connect as the root user

After you enable root login, connect to the VM as the root user. Ifyou're connecting to a VM that has OS Login enabled, you must use third-partytools instead of the gcloud CLI.

gcloud

Note: You must use third-party tools to connect as the root user if the VMyou're connecting to has OS Login enabled.

Connect to VMs as the root user by using thegcloud compute ssh command withroot@ specified before the VM name:

In the Google Cloud console, activate Cloud Shell.
Activate Cloud Shell
At the bottom of the Google Cloud console, aCloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.
Connect to the VM by running the following command:
```
gcloud compute ssh \    --project=PROJECT_ID \    --zone=ZONE \    root@VM_NAME
```
Replace the following:
- PROJECT_ID: the ID of the project that containsthe VM
- ZONE: the name of the zone in which the VM islocated
- VM_NAME: the name of the VM

Third-party tools

Connect to VMs as the root user by following the instructions for your VM:

OS Login VMs
Connect using third-party toolsand specify the following:
- Private key: the private key that corresponds with the public keythat you added to theauthorized_keys file
- Username: the username must beroot
Non-OS Login VMs
1. Create an SSH key for theroot user. The username for the key must beroot.
2. Add the key for the root user to metadata.
3. Connect using third-party toolsand specify the following:
  - Private key: the private key for the root user
  - Username: the username must beroot

Troubleshooting

To find methods for diagnosing and resolving failed SSH connections, seeTroubleshooting SSH.

What's next

Learn how tomanage access to VMs.
Learn how totransfer files to VMs.
Learn howSSH connections to Linux VMswork on Compute Engine.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-15 UTC.

Movatterモバイル変換

Connect to Linux VMs as the root user Stay organized with collections Save and categorize content based on your preferences.