I thik the better way is to just uncomment the following line in /etc/ssh/sshd_config:
#PermitRootLogin yes

And change it to:
PermitRootLogin no

My 2 cents,

>> On Thu, Sep 06, 2007 at 01:52:17AM +0200, Radek Hladik wrote:>
>> Hi,
>> all I wanted was to force SSHd to accept root logins only from
>> localhost.

> If nobody else comes up with an answer, then try this one:

> Run two (or more) instances of sshd. Bind one of them to the loopback interface, and let it allow

root users. Bind the other(s) to the "real"
> network interface(s), and let them deny root users.