Disabling SSH access by root user

Aruba Employee

Disabling ssh logins for the root user is an important security procedure, and is recommended by AirWave. There are 2 steps involved:

1. Add users who can ssh to the server and gain root privileges.
2. Configure the ssh daemon to not allow remote ssh logins by root. 

Here's a simple process to achieve this with a user called joemontana:

1: ADD THE JOEMONTANA USER

# useradd joemontana
# passwd joemontana (you'll be prompted for a new password)
# echo "joemontana ALL=(ALL) ALL" >> /etc/sudoers

Now you should test that you can ssh to the server as joemontana and that you can become root with the "sudo su -" command:

$ sudo su -

Now enter joemontana's password. If you get a # prompt, this part was successful.

2: RECONFIGURE AND RESTART SSHD

# echo "PermitRootLogin no" >> /etc/ssh/sshd_config
# service sshd restart

Version history
Revision #:
1 of 1
Last update:
‎06-09-2014 08:39 AM
Updated by:
 
Labels (1)
Contributors