How to disable direct root login to ssh
Allowing the root user to login directly is a major security issue :This will force a hacker to have to guess 2 seperate passwords to gain root access. so it is better trick to have tow seperate passwords one for admin and the other for root. You will need to login as your admin user in SSH, then switch to the super user with the su command to get root. We will be forcing to use of SSH protocol 2, which is a newer, more secure SSH protocol.
Note: If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.
1. SSH into your server as 'admin' and gain root access by su
#username: admin
pass:
# su -
pass:
2. Edit the following file Copy for SSH logins
# pico -w /etc/ssh/sshd_config
3. Find the line
Protocol 2, 1
4. Uncomment it and change it to look like
Protocol 2
5. Next, find the line
# PermitRootLogin yes
6. Uncomment it and make it look like
# PermitRootLogin no
7. Save the file Ctrl+X then Y then enter
8. Now you can restart SSH
# /etc/rc.d/init.d/sshd stop
# /etc/rc.d/init.d/sshd start
posted by The Great Anil @ 4:43 PM
Comments: 0
