
Thread: Disable Direct Root Logins

  1. #1
    mega

    Allowing the root user to log in directly is a major security issue. We'll show you how to disable it so you can still log in as root, just not directly, reducing the security issue.

    This will force a hacker to have to guess 2 separate passwords to gain root access.
    (You do have 2 separate passwords for admin and root, right?)
    What happens is you'll first need to log in as your admin user in SSH, then switch to the super user with the su command to get root.

    We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol.
    Just a couple more ways to help your server stay safe from the bad guys. If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.

    1. SSH into your server as 'admin' and gain root access by su

    2. Copy and paste this line to edit the file for SSH logins
    pico -w /etc/ssh/sshd_config

    3. Find the line
    Protocol 2,1

    4. Uncomment it and change it to look like
    Protocol 2

    5. Next, find the line
    PermitRootLogin yes

    6. Uncomment it and make it look like PermitRootLogin no

    7. Save the file: Ctrl+X, then Y, then Enter

    8. Now you can restart SSH
    /etc/rc.d/init.d/sshd restart

    Now, no one will be able to log in to root without first logging in as admin and 'su -' to root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!
    Never argue with an idiot; First he takes you down to his level and then he beats you with experience.
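
A check for steps 3 to 6 of the post above, as an added example that is not part of the original post: it reports the value sshd will actually use for PermitRootLogin and Protocol, catching a line that was edited but left commented or an earlier duplicate that overrides it. The function names and the sample files are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): verify steps 3-6 took effect.

# Print the value sshd would use for keyword $2 in the global part of file $1.
# sshd uses the first uncommented occurrence of a keyword, keyword names are
# case-insensitive, and a "Match" line begins conditional settings.
sshd_global_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { line = $0; sub(/^[ \t]+/, "", line) }
        line == "" || line ~ /^#/ { next }      # blank or still commented out
        {
            split(line, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit            # global section ends here
            if (key == want) { print f[2]; exit }
        }
    ' "$1"
}

# Return 0 only if the file enforces "PermitRootLogin no" and "Protocol 2".
check_root_login_hardening() {
    rc=0
    root=$(sshd_global_value "$1" PermitRootLogin)
    proto=$(sshd_global_value "$1" Protocol)
    [ "$root" = "no" ] || { echo "FAIL: PermitRootLogin is '${root:-not set}'"; rc=1; }
    [ "$proto" = "2" ] || { echo "FAIL: Protocol is '${proto:-not set}'"; rc=1; }
    return "$rc"
}

# Constructed sample files: one edited as in the post, one where the new lines
# were left commented and the active lines still allow protocol 1 and root.
write_samples() {
    printf '%s\n' 'Protocol 2' 'PermitRootLogin no' > "$1/good.conf"
    printf '%s\n' '#Protocol 2' 'Protocol 2,1' '#PermitRootLogin no' \
        'permitrootlogin yes' > "$1/bad.conf"
}
```

Run `check_root_login_hardening /etc/ssh/sshd_config` before step 8, while the admin session is still open; `sshd -t` additionally checks the file for syntax errors without restarting the daemon.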

  2. #2
    Eyes
    Brilliant, just what I needed
