For security purpose you may disable direct root login and create another ssh user with the privileges, simply you need to follow the steps:
Note : Don't close your current session until you confirm that the with the changes you have made, the server is accessible in another ssh session
1) Create a user say : webadmin
2 ) Set password for webadmin
3) In case of cPanel, you need to add this user to 'wheel group'
Now the user has been granted su previlages, you need to disable the root login for that you will need to login to the server at shell (command prompt)
1) Edit the SSHD configuration file ‘sshd_config’:
2) Search the line
Once you are complete with the above changes, save the file and exit. You will have to restart the sshd service for the changes to take effect.
Now, you will have to SSH to your server as user ‘webadmin’ and then su to root as follows:
Thats't
Note : Don't close your current session until you confirm that the with the changes you have made, the server is accessible in another ssh session
1) Create a user say : webadmin
# useradd webadmin
2 ) Set password for webadmin
# passwd webadmin
3) In case of cPanel, you need to add this user to 'wheel group'
WHM >> Security Center >> “Manage Wheel Group Users”
Now the user has been granted su previlages, you need to disable the root login for that you will need to login to the server at shell (command prompt)
1) Edit the SSHD configuration file ‘sshd_config’:
pico /etc/ssh/sshd_config
2) Search the line
PermitRootLogin yes
and change it to
PermitRootLogin no
Once you are complete with the above changes, save the file and exit. You will have to restart the sshd service for the changes to take effect.
# /etc/init.d/sshd restart
Now, you will have to SSH to your server as user ‘webadmin’ and then su to root as follows:
login as: webadmin
webadmin@xx.xx.xx.xx’s password: <webadmin pass here>
[admin@server ~]$ su -
password: <root password here>
[root@server ~]#
Thats't
0 comments:
Post a Comment