In this article I will show you how to disable direct root access on your Linux server. I will also a good idea to secure your server form hacker as hacker first has to login to server using ordinary (non-root) user and then gain root access (su -) from there. So hacker has to undergo two security checks. Please find below steps to disable direct root access.
Step 1
You must create a user to access the server. Let suppose I want to create user 'zaeem'. Following commands are used.
[root@Localhost]# groupadd zaeem
[root@Localhost]# useradd zaeem –gzaeem
[root@Localhost]# passwd zaeem
Enter password that you want to set against user 'zaeem'. So now you are done with user creation. You must test connecting to server using this user before root access is disabled because many people disable root access and either they forget to define user or defined user is unable to connect. Use following command to test the connection.
ssh zaeem@192.168.0.121
if it is successful then use following process to disable direct root access.
Step 2
open the file /etc/ssh/sshd_config and find line '#Protocol 2,1' so modify it to look like as 'Protocol 2'.
After that locate 'PermitRootLogin yes' so un-comment it and change it to look like 'PermitRootLogin no'. Save the file and restart sshd (service sshd restart)
That's it. Cheers!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment