Published on: July 24, 2014 by George K.
Scenario:
Disable root login is a security measure that can be used on a Linux server.
One of the biggest security holes you could open on your server is to allow directly logging in as root through ssh, because any cracker can attempt to brute force your root password and potentially get access to your system if they can figure out your password.
It’s much better to have a separate account that you regularly use and simply sudo to root when necessary.
[otw_shortcode_info_box border_type=”bordered” border_color_class=”otw-aqua-border” border_style=”bordered”]Add a new user
# adduser user
Set the user’s password
# passwd user
Add the user to the ‘wheel’ group
# usermod -G wheel user[/otw_shortcode_info_box]
Note
Before disabling the root login, login as wheel user on another terminal to ensure that everything is working fine.
Switch back to root user using the su command
# su -
Open the ssh main configuration file in the server
# vi /etc/ssh/sshd_config
Search for the below line:
PermitRootLogin yes
Modify it and change it to
PermitRootLogin no
Now restart the service
/etc/init.d/sshd restart
Make sure that you are able to access the the server as ssh user and switch to root without closing your current ssh root session.
Category : General, Howtos, Linux
George started his career in web hosting and Linux technical support in the year 2004 and is with SupportSages since 2009. He has keen interest in server optimizations, custom security solutions, hacked server recovery, cyber forensic and high availability fail over system design and implementation. George loves long drives and is passionate about art and literature.
Add new commentSIGN IN