Disable Direct Root Login
Allowing the root user to log in directly is a major security issue. We'll show you how to disable it so you can still log in as root, just not directly, reducing the risk.
This will force a hacker to guess 2 separate passwords to gain root access.
We will also be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol.
1. SSH into your server as 'admin' and gain root access by su
2. Copy and paste this line to edit the file for SSH logins
3. Find the line
4. Uncomment it and change it to look like
5. Next, find the line
6. Uncomment it and make it look like PermitRootLogin no
7. Save the file: Ctrl+X, then Y, then Enter
8. Now you can restart SSH
Now no one will be able to log in as root without first logging in as admin and using 'su -' to become root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!
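A check to run after step 7 and before restarting SSH, added here as an example and not part of the original article: it reports the value sshd will actually use for PermitRootLogin and Protocol, catching the case where the edited line is still commented out or an earlier duplicate overrides it. The function names and the sample file are constructed for illustration; it assumes whitespace-separated "keyword value" lines and does not follow Include directives.

```shell
#!/bin/sh
# Added example, not from the original article.
# sshd uses the FIRST uncommented occurrence of each keyword, matches
# keywords case-insensitively, and treats everything after a "Match"
# line as conditional, so the global scan stops there.
effective_value() {   # usage: effective_value FILE KEYWORD
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        NF == 0 || $1 ~ /^#/ { next }       # blank lines and comments
        tolower($1) == "match" { exit }     # global section ends here
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# Returns 0 only when the file matches what the steps above aim for:
# PermitRootLogin no and Protocol 2 as the effective global values.
audit_sshd_config() {   # usage: audit_sshd_config FILE
    rc=0
    root=$(effective_value "$1" PermitRootLogin)
    proto=$(effective_value "$1" Protocol)
    [ "$root" = "no" ] || { echo "FAIL PermitRootLogin=${root:-unset}"; rc=1; }
    [ "$proto" = "2" ] || { echo "FAIL Protocol=${proto:-unset}"; rc=1; }
    return $rc
}

# Constructed sample: a new "no" line was appended, but an older
# uncommented "yes" line earlier in the file still takes precedence.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
#Protocol 2,1
Protocol 2
PermitRootLogin yes
# PermitRootLogin no
permitrootlogin no
EOF

if audit_sshd_config "$sample"; then
    echo "OK: direct root login disabled, protocol 2 enforced"
else
    echo "Not hardened yet: fix the lines above before restarting SSH"
fi
```

Point audit_sshd_config at the SSH configuration file edited in step 2. On OpenSSH 7.4 and later, which no longer support protocol 1, the Protocol line may be absent and only the PermitRootLogin result matters.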
© Copyright 2003-2010
ABN 97 125 618 662