Root logging through network – a bad idea

How to get rid of the option to log onto server as root, through network (using Putty, that is SSH)?
Well that option should not be active at all, but if it is, here is how you disable it :
You should have a account which has BASH shell access (you can check it in /etc/passwd file) :
Give this account a quite complicated password.
Change one line in /etc/ssh/sshd_config file :
# vi /etc/ssh/sshd_config
So that it is :
PermitRootLogin no
# service sshd restart

Result : on this server root can not log in directly, but as a “user” nad than do $su -, to become root :
login as: user
user@’s password:
[korisnik@mail-2008 ~]$ su –
[root@mail-2008 ~]#

Good link.

This entry was posted in Linux and tagged , . Bookmark the permalink.

Comments are closed.