Disable Root Account Login in SSH
RegisterLogin
Disable Root Account Login in SSH
Post Description: This Short Tutorial Will Show You What Commands To Use To Disable Root User Login To A Ssh Terminal. Disabling Root Username In Sshd Is Easy With These Steps
Tags: How, To, Disable, Ssh, Root, Login
This Post Was Posted On Feb 13, 2010 By Webune Support #3139
Post Description: This Short Tutorial Will Show You What Commands To Use To Disable Root User Login To A Ssh Terminal. Disabling Root Username In Sshd Is Easy With These Steps
Tags: How, To, Disable, Ssh, Root, Login
This Post Was Posted On Feb 13, 2010 By Webune Support #3139
Disable Root Account Login in SSH by Webune Support
WARNING: it is IMPORTANT that you make sure before you continue with these steps that you either have created or create another user other than root so you can access your server through SSH. Otherwise, if you only have root username in your system, you will just lock yourself out from remotely accessing your server. Continue at your own RISK!!!
login as superuser and edit the /etc/ssh/sshd_config file
first thing we are going to do is to make a copy of the original sshd_config file just incase you mess up:
SHELL COMMAND:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config-bk
i will be using nano as my text editor, you can use your favorite if you want. like VI or pico. i like nano because its easy to use
SHELL COMMAND:
nano /etc/ssh/sshd_config
now uncomment the Protocol 2 line:
find:
#Protocol 2
Change to:
Protocol 2
now look for the PermitRootLogin configuration settings and change:
from:
PermitRootLogin yes
to
PermitRootLogin no
save changes and exit the shell, it order for the changes to take affect you need to restart the sshd server with this command:
SHELL COMMAND:
/etc/rc.d/init.d/sshd restart
now quit the current shell session and start a new one, you should not be able to login as the root user anymore
NOTE: this was tested on a Redhat, Fedora, CentOS server
Leave Your Comments
webune
#4501 1
another helpful tips:
1. to make it more secured, you can also change the default port 22 to a different port, for example port 7892 when you open the sshd_config file, you can make the changes there
2. install denyhosts on your server:
http://denyhosts.sourceforge.net/faq.html#1_0
1. to make it more secured, you can also change the default port 22 to a different port, for example port 7892 when you open the sshd_config file, you can make the changes there
2. install denyhosts on your server:
http://denyhosts.sourceforge.net/faq.html#1_0
Oct 04, 2010 Reply Report abuse
©2011 Webune Forums - Wed Dec 21, 2011 2:11 am
Powered by: Webune Forums V3
Powered by: Webune Forums V3