Step 1: Login to system as root user. Don’t worry, you will be using root account for remote login only in this step.


Step 2:
 Create an alternate user account. For example, administrator.
[root@root ~]# adduser administrator


Step 3:
 Set a strong password for user account created in step 2.

[root@root ~]# passwd administrator


Step 4:
 Open another terminal & login to the system as the new user created in step 2. This step will allow you to test if the new account works properly.


Step 5:
 Test that you can switch to root account.

[administrator@administrator ~]$ su -


Enter root account password and check if you have gained root access.

[root@root ~]# whoami
root


Step 6:
 Disable root user login via SSH.

[root@root ~]# vi /etc/ssh/sshd_config


Step 7:
 Lookout for '#PermitRootLogin yes'. By default, root login is allowed by SSH.


Step 8:
 Change '#PermitRootLogin yes' to 'PermitRootLogin no'


Step 9:
 Save the file & exit


Step 10:
 Make sure sshd_config does not have any syntax errors.

[root@root ~]# /usr/sbin/sshd -t
[root@root ~]# echo $?
0

The above output suggests, sshd_config does not have any syntax error. In case, if there is an error, you would see non-zero output.


Step 11:
 Restart SSH to read the new configuration change.

# service sshd restart


Step 12:
 Make sure root login via SSH is disabled.

ssh root@<ip-address>

The access should be denied in spite of entering valid password for root user. It means, SSH has denied access to the root account.


Step 13:
 Login as non-privileged user account created in Step 2.


Step 14:
 When needed, switch to root account as below:

[administrator@administrator ~]$ su -


That’s it !!
 

Hasznosnak találta ezt a választ? 0 A felhasználók hasznosnak találták ezt (0 Szavazat)