FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 01-05-2010, 12:11 PM
Susan Day
 
Default Signing In Other than Root

Hi;
How do I make it so that it's impossible to SSH into the server directly as root? That is, make it necessary to SSH in as an ordinary user and then su to root?
TIA,
Suzie

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-05-2010, 12:15 PM
 
Default Signing In Other than Root

You can edit sshd_config, find PermitRootLogin yes and replace yes to no. Like this:

PermitRootLogin no

This is disallow root for directly login from ssh.

-DS-


-----Original Message-----
From: Susan Day <suzieprogrammer@gmail.com>
Date: Tue, 5 Jan 2010 09:11:17
To: CentOS mailing list<centos@centos.org>
Subject: [CentOS] Signing In Other than Root

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-05-2010, 12:16 PM
Max Hetrick
 
Default Signing In Other than Root

Susan Day wrote:
> Hi;
> How do I make it so that it's impossible to SSH into the server directly
> as root? That is, make it necessary to SSH in as an ordinary user and
> then su to root?
> TIA,
> Suzie

# vim /etc/ssh/sshd_config

Uncomment the following line:

#PermitRootLogin yes
PermitRootLogin no

# service sshd restart

Regards,
Max
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-05-2010, 12:17 PM
"Bo Lynch"
 
Default Signing In Other than Root

On Tue, January 5, 2010 8:11 am, Susan Day wrote:
> Hi;
> How do I make it so that it's impossible to SSH into the server directly
> as
> root? That is, make it necessary to SSH in as an ordinary user and then su
> to root?
> TIA,
> Suzie
> _______________________________________________
You can add all users to a group, lets say remote_group, and then in
sshd.conf specify that only users from that group are allowed to login via
ssh.

Bo Lynch



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-05-2010, 12:17 PM
"Christoph Neuhaus"
 
Default Signing In Other than Root

Hi,

> How do I make it so that it's impossible to SSH into the server directly
> as root?

man ssh_config ->

PermitRootLogin
Specifies whether root can login using ssh(1). The argument
must be "yes", "without-password", "forced-commands-only" or
"no". The default is "yes".

If this option is set to "without-password" password authentica-
tion is disabled for root. Note that other authentication meth-
ods (e.g., keyboard-interactive/PAM) may still allow root to
login using a password.

If this option is set to "forced-commands-only" root login with
public key authentication will be allowed, but only if the
command option has been specified (which may be useful for tak-
ing remote backups even if root login is normally not allowed).
All other authentication methods are disabled for root.

If this option is set to "no" root is not allowed to login.


You have to restart the SSH server (service sshd restart) after modifying
the file /etc/ssh/sshd_config.


Chris
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-05-2010, 12:26 PM
John Doe
 
Default Signing In Other than Root

From: Susan Day <suzieprogrammer@gmail.com>
>How do I make it so that it's impossible to SSH into the server directly as root? That is, make it necessary to SSH in as an ordinary user and then su to root?

Google says:

/etc/ssh/sshd_config:
PermitRootLogin no

JD



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-06-2010, 12:29 PM
Susan Day
 
Default Signing In Other than Root

On Tue, Jan 5, 2010 at 9:16 AM, Max Hetrick <maxhetrick@verizon.net> wrote:

Susan Day wrote:

> Hi;

> How do I make it so that it's impossible to SSH into the server directly

> as root? That is, make it necessary to SSH in as an ordinary user and

> then su to root?

> TIA,

> Suzie



# vim /etc/ssh/sshd_config



Uncomment the following line:



#PermitRootLogin yes

PermitRootLogin no



# service sshd restart

Thanks!
Suzie

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 07:29 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org