Applies To

OpenSUSE upgrade performing from version Leap 15.6 to Leap 16.0.

Problem

After upgrading to openSUSE Leap 16.0, SSH root login with a password no longer works. Customers who previously accessed their systems remotely as root via password authentication will be locked out after the upgrade.

Cause

openSUSE Leap 16.0 disables password-based SSH root login by default, in line with modern Linux security standards. This change reduces the risk of brute-force attacks targeting the root account.

Solution/Workaround

One of the following must be configured before performing the upgrade:

Option 1 — SSH Key Authentication for Root (Recommended) Replace password login with key-based authentication for the root user.

1. On the client machine, generate an SSH key pair (if not already available):
   1. ssh-keygen -t ed25519
2. Copy the public key to the target server:
   1. ssh-copy-id root@<server-ip>
3. Verify key-based login works before upgrading:
   1. ssh root@<server-ip>

Option 2 — Create a Non-Root User with sudo Privileges Use a non-root account for remote access post-upgrade.

1. Create a new user:
   1. useradd -m -s /bin/bash -c "Test User" testuser
   2. sudo passwd testuser
2. Grant sudo privileges:
   1. usermod -a -G wheel testuser
3. Verify the user can log in via SSH and run sudo commands before upgrading.

Reference: openSUSE Leap 16.0 Release Notes – JSC-PED-4965