1. Add username admin from shell (adduser)
2. Assign a password to the username: admin
3. then add admin to the wheel group using WHM
4. pico /etc/ssh/sshd_config
uncomment :
#PermitRootLogin yes
and make it:
PermitRootLogin no
Restart sshd.
-------------------------------------------------------------------------------------
Why on earth would you want to disable root login?
Well,.. you're not.. You are disabling "direct" root login. This will force a hacker to have to guess 2 seperate passwords to gain root access.. (you do have 2 seperate passwords for admin and root right?)
After you do this, you will have to login as 'admin' then you will 'su -' to get to root.. We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol. It's just a couple more ways to help your server stay safe from the bad guys.
If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root
1) SSH into your server as 'admin' and gain root access by
su -
2) Copy and paste this line to edit the file
pico -w /etc/ssh/sshd_config
3) Find the line
#Protocol 2, 1
4) Uncomment it and change it to look like
Protocol 2
5) Next, find the line
#PermitRootLogin yes
6)Uncomment it and make it look like
PermitRootLogin no
7) Save the file
ctrl 'x' then 'y' then enter
Restart SSH
/etc/rc.d/init.d/sshd restart
Now, no one will be able to login to root with out first loggin in as admin and 'su -' to root, and you will be forcing the use of a more secure protocol.
-------------------------------------------------------------------------------------
Also check this link:
http://forum.rackshack.net/showthread.php?s=&threadid=16888&highlight=root
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment