Go Back   Web Server Hosting Forum by BODHost > Support > Tutorials and Documentation
http://www.bodhost.com/forum/Reload this Page Disable Direct Root Logins
 

Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old 11-22-07, 13:44
BOD Member
  
Join Date: Jul 2007
Posts: 296
Default Disable Direct Root Logins
im not sure if i posted this b4 but watev
Allowing the root user to login directly is a major security issue, we'll show you how to disable it so you can still login as root but just not directly, reducing the security issue.

This will force a hacker to have to guess 2 seperate passwords to gain root access.
(you do have 2 seperate passwords for admin and root right?)
What happens is you'll first need to login as your admin user in SSH, then switch to the super user with the su command to get root.

We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol
Just a couple more ways to help your server stay safe from the bad guys. If you're using cPanel make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.

1. SSH into your server as 'admin' and gain root access by su

2. Copy and paste this line to edit the file for SSH logins
pico -w /etc/ssh/sshd_config

3. Find the line
Protocol 2, 1

4. Uncomment it and change it to look like
Protocol 2

5. Next, find the line
PermitRootLogin yes

6. Uncomment it and make it look like PermitRootLogin no

7. Save the file Ctrl+X then Y then enter

8. Now you can restart SSH
/etc/rc.d/init.d/sshd restart

Now, no one will be able to login to root with out first loggin in as admin and 'su -' to root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!
__________________
insert sig here
Reply With Quote
  #2 (permalink)  
Old 11-23-07, 09:03
Administrator
  
Join Date: Jul 2007
Posts: 85
Default
One of the common attack method of potential hackers is to obtain the root password so by disabling the root login you can secure your server.
Reply With Quote
  #3 (permalink)  
Old 11-24-07, 07:11
BOD Member
  
Join Date: Oct 2007
Posts: 34
Default
Other way to secure your server is change the ssh port. You can change the port in file /etc/ssh/sshd_config.
1: Edit the file as vi /etc/ssh/sshd_config
2: Search for line #Port 22
3: Uncomment this line and replace 22 by 1023 or any number.
4: Save this file and restart sshd service.


Glenn.
Reply With Quote
  #4 (permalink)  
Old 11-24-07, 09:37
Moderator
  
Join Date: Oct 2005
Posts: 346
Default
I was even thinking of Port forwarding, or tunneling which is a good way to forward insecure TCP traffic through SSH :D
Reply With Quote
Reply

« APF Deny ALL for SSH Limit IP Connections | How to install BFD (Brute Force Detection) »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump


All times are GMT -6. The time now is 02:36.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0
Copyright © 1999-2012, BODHost Ltd. All rights reserved.

Web Server Hosting   -   Contact Us   -     -   Members   -   Register   -   Calendar   -   Search   -   FAQ