http://www.hostsdepot.com/modules/article/view.article.php/18/c8 Tue, 07 Feb 2012 16:49:33 +1700 ARTICLE @ XOOPS powered by FeedCreator http://www.hostsdepot.com/modules/article/images/logo.png http://www.hostsdepot.com/modules/article/ 80 15 Article XML en admin at hostsdepot dot com admin at hostsdepot dot com Hosting Article http://www.hostsdepot.com/modules/article/view.article.php/18/c8 Keywords: root su login ssh2Why would you want to disable root login?
Well.. you're not.. You are disabling "direct" root login.

This will force a hacker to have to guess 2 seperate passwords to gain root access.. (you do have 2 seperate passwords for admin and root right?)

After you do this, you will have to login as 'admin' then you will 'su -' to get to root.. We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol

Just a couple more ways to help your server stay safe from the bad guys.

If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root

1) SSH into your server as 'admin' and gain root access by

su -

2) Copy and paste this line to edit the file

pico -w /etc/ssh/sshd_config

3) Find the line

#Protocol 2, 1

4) Uncomment it and change it to look like

Protocol 2

5) Next, find the line

#PermitRootLogin yes

6)Uncomment it and make it look like

PermitRootLogin no

7) Save the file

ctrl 'x' then 'y' then enter

Restart SSH

/etc/rc.d/init.d/sshd restart

Now, no one will be able to login to root with out first loggin in as admin and 'su -' to root, and you will be forcing the use of a more secure protocol
]]> Hostsdepot Thu, 01 Jan 1970 00:00:00 +1700