Three areas in SSH will help in deny or allow remote root access
Go to /etc/ssh/sshd_config
1) PermitRootLogin no
If you want to deny certain users from logging in, put this in the configuration file:
2) DenyUsers root
This takes the blacklisting approach. Whitelisting is generally preferable. If your company needs to allow the rob and admin users log in on the server, use the following configuration directive:
3) AllowUsers rob admin
This will allow specific groups have access remotely