12
Linux tutorial: Disable login as “root” user via SSH as a security measure
source link: https://github.com/VeliovGroup/ostrio/blob/master/tutorials/linux/security/disable-ssh-root.md
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Disable SSH login for root user
Why?
-
Most of the automatic brute-force software starts with attacking SSH service on
22port and try to match a password for therootuser -
rootuser is not the only user under risk, brute-force software has abundant dictionaries of most common used user-names, so it's a good idea to create a user with some random-gibberish name, like:QBHZEEQXT
Before you go:
Edit /etc/ssh/sshd_config
file:
# nano /etc/ssh/sshd_config # Find line starting with "PermitRootLogin" # change "yes" to "no": PermitRootLogin no # Save file with: "ctrl + o" combination # Close file with: "ctrl + x" combination
Add extra security layer, with limiting login only to a single user ( optional ):
# nano /etc/ssh/sshd_config # Add new line, where username # is a name of ONLY allowed to login # over SSH user: AllowUsers username # Save file with: "ctrl + o" combination # Close file with: "ctrl + x" combination
Restart SSH service:
service sshd restart
Further reading:
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK