Direct login for the root user is a major security issue. We can disable direct login access to reduce the security risk. This way we can have two separate passwords for root access which makes the box more secure. Also we are using the protocol 2 which is newer and more secure.
01. SSH into your server as 'admin' and gain root access by su
02. Copy and paste this line to edit the file for SSH logins
#nano /etc/ssh/sshd_config
03. Find the line
Protocol 2, 1
04. Uncomment it and change it to look like
Protocol 2
05. Next, find the line
PermitRootLogin yes
06. Uncomment it and make it look like PermitRootLogin no
07. Save the file Ctrl+o then Ctrl+x then enter
08. Now you can restart SSH
#/etc/rc.d/init.d/sshd restart
Now, no one will be able to login to root with out first loggin in as admin and 'su -' to root.
Be sure that you remember both the passwords!
------------------------------------------------------------------------------------------
How to disable direct root login.
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment