Inorder to disable direct root login on a linux server, you need to do the following things:
1. vi /etc/ssh/sshd_config in that file make
Permitrootlogin no then save it
2. Restart sshd service
#/etc/init.d/sshd restart
3. Now create a new user and set password for that user.
4. Add that user to the wheel group
# vi /etc/groups
Add that user to the group of wheel by appending the user name to the end of the wheel user entry in 'groups' file
Entry Should look like this:
wheel:*:0:root,user_here
5. Now logon to the server using the username and password and then do
su - and provide the root password to get root access.
Inorder to work this properly you should have the following permission settings
chmod 4755 /bin/su
chmod 1700 /etc/passwd
chmod 1700 /etc/shadow
chmod 1755 /etc/groups
If there is anything wrong with this permission, you may get permission denied or incorrect password errors.
Regards
Nobs
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment