Article XML http://www.hostsdepot.com/modules/article/view.article.php/18/c8 2012-02-07T16:53:51+17:00 http://www.hostsdepot.com/modules/article/ http://www.hostsdepot.com/modules/article/images/logo.png text/html 1970-01-01T00:00:00+17:00 http://www.hostsdepot.com/modules/article/ Hostsdepot http://www.hostsdepot.com/modules/article/view.article.php/18/c8 Category: Dedicated Web Hosting<br />Keywords: root su login ssh2Why would you want to disable root login? <br />Well.. you're not.. You are disabling "direct" root login. <br /><br />This will force a hacker to have to guess 2 seperate passwords to gain root access.. (you do have 2 seperate passwords for admin and root right?) <br /><br />After you do this, you will have to login as 'admin' then you will 'su -' to get to root.. We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol <br /><br />Just a couple more ways to help your server stay safe from the bad guys. <br /><br />If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root <br /><br />1) SSH into your server as 'admin' and gain root access by <br /><br />su - <br /><br />2) Copy and paste this line to edit the file <br /><br />pico -w /etc/ssh/sshd_config <br /><br />3) Find the line <br /><br />#Protocol 2, 1 <br /><br />4) Uncomment it and change it to look like <br /><br />Protocol 2 <br /><br />5) Next, find the line <br /><br />#PermitRootLogin yes <br /><br />6)Uncomment it and make it look like <br /><br />PermitRootLogin no <br /><br />7) Save the file <br /><br />ctrl 'x' then 'y' then enter <br /><br /> Restart SSH <br /><br />/etc/rc.d/init.d/sshd restart <br /><br />Now, no one will be able to login to root with out first loggin in as admin and 'su -' to root, and you will be forcing the use of a more secure protocol<br />