Tuesday, 21 January 2014

Disable Direct Root Login in cpanel server

Another security measure you can take to lock down a Linux server is to disable the root user login in the SSH server.

First you need to add new admin user

root@server1 [~]# adduser admin
root@server1 [~]# passwd admin


Please keep admin password

root@server1 [~]# vi /etc/group
Make sure admin user wheel settings


wheel:x:10:root,admin


Modifying The sshd_conf File

Remember, backing up any important system file before you modify it is always a good idea!

 


root@server1 [~]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup



  1. Copy and paste this line to edit the file for SSH logins



root@server1 [~]# vi /etc/ssh/sshd_config


2. Find the line
Protocol 2, 1


3. Uncomment it and change it to look like
Protocol 2


4. Next, find the line
PermitRootLogin yes



  1. Uncomment it and make it look like PermitRootLogin no


  2. Save the file Ctrl+X then Y then enter




7. Now you can restart SSH
root@server1 [~]# /etc/rc.d/init.d/sshd restart


SSH into your server as 'admin' and gain root access by su

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)