Monitoring, Management & Location Tracking

How to disable root access on Airwave versions prior to 8.2.4

MVP Expert
MVP Expert
Requirement:

How to disable root access on Airwave versions prior to 8.2.4 for Security reasons and to be able to track the user activity.

 

Note: This is not applicable for the Airwave versions 8.2.4 and above as the root access is by default blocked going forward.



Solution:

We will need to make sure, we create the sudo root user first, before disabling the root user.



Configuration:
  1. Please make sure to create a user account with Sudo root access, by doing the following:

 

useradd awsupport   (awsupport is an example you could create any user name)

 

passwd awsupport

 

will prompt for the new password and then the confirmation. Giving the user sudo privileges requires adding an entry to the /etc/sudoers file. You can do so by running

 

/usr/sbin/visudo

 

and then adding one of the below lines, the 1st will prompt for password, the 2nd will not:

 

## Allows people in group wheel to run all commands

awsupport ALL=(ALL) ALL

 

## Same thing without a password

awsupport ALL=(ALL) NOPASSWD: ALL

 

Once this is done, please login to the CLI using the above credentials, and make sure you are able to run # sudo sh and get into shell mode.

 

    2. Steps to disable the root access:

 

[root@root ~]# vi /etc/ssh/sshd_config

 

Change this line:

#PermitRootLogin yes

 

Edit to this:

PermitRootLogin no

 

Ensure that you are logged into the box with another shell before restarting sshd to avoid locking yourself out of the server.

 

[root@root ~]# /etc/init.d/sshd restart

Stopping sshd: [ OK ]

Starting sshd: [ OK ]

[root@root ~]#



Verification

Now we could try ssh using putty or any other tool, using root as the username and we could see the below error:

 

login as: root
root@<ip or hostname> password:
Access denied

However, if you are logged with other user, should be able to login as shown below:

login as: testing

testing@10.17.164.249's password:
Last login: Thu Jun 22 10:15:06 2017 from 10.20.25.25
[testing@localhost ~]$ sudo sh
sh-4.1#

 

 

 

 

 

Version history
Revision #:
2 of 2
Last update:
‎06-07-2019 07:15 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: