How to disable root logins to secure SSH on Linux server (or VPS)
By default, Linux comes with a user account that has full access to everything on the computer/server/VPS, and that user always has the same name: root. Given the ultimate power of this user's abilities over the server, hackers are always trying to brute force crack the secure shell service (SSH aka SSHD) as the root user. Username/password combinations involve two parts. When you already know the username (root), all that's left is to guess the password.
The easiest way to add security to SSH is by implementing a two part plan:
How to Disable Root Logins in Linux Step 1: Login to SSH as root. Most Windows users will be using Putty. Step 2: Add a new user account. If you're on a server/VPS that already has users added (via a control panel like DirectAdmin or cPanel, for example), then you'll want to pick a name not already in use on the server. If your new username is "goobersmooch", then you'd type this into SSH: Code:
[root@vps ~]# adduser goobersmooch Code:
[root@vps ~]# id goobersmooch Code:
[root@vps ~]# ls -lad /home/goobersmooch/ Code:
[root@vps ~]# passwd goobersmooch Code:
[goobersmooch@vps ~]# su - If it works, awesome, you're ready for the next step... Step 6: Disable root login in sshd configuration files. With a text editor line nano or vi, edit /etc/ssh/sshd_config. In this example, I'm using nano. Type this into the command prompt: Code:
[goobersmooch@vps ~]# nano /etc/ssh/sshd_config Code:
#PermitRootLogin yes Code:
PermitRootLogin no Step 7: Restart sshd service. In CentOS/RHEL Linux distributions, you'll type: Code:
[root@vps ~]# service sshd restart Code:
[root@vps ~]# /etc/init.d/sshd restart Again, from now on, you'll need to login as the new user you've just created, and the "su -" over to root when needed. Only login as the root user when it's required. Some common SSH maintenance tasks can be managed from the normal user you've just created. I'll cover changing the sshd service port in another post/guide. Hope this helps. :2cents: __________________ Need a good host? .Find one here: List of the Best Web Hosts in 2012 - Shared, reseller and VPS hosting |
Site design, images and content © 2002-2024 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2024 Jelsoft Enterprises Ltd.