Disabling Direct Root Login (SSH)

Disabling root login via shh is a great way to tigthen security on your dedicated server.

Disabling root login will force any attempted hackers to use 2 passwords making the odds of him breaking in even harder. Now we know you don’t have to use two seperate passwords but if you don’t you are making it easier for someone to break into your server.

If you’re using cPanel make sure you add your anotheruser user to the ‘wheel’ group so that you will be able to ‘su -‘ to root, otherwise you may lock yourself out of root.
Set up anotheruser if you haven’t already got one:

1. Login to your server via SSH as root.

2. Type: pico -w /etc/ssh/sshd_config

3. Find this line:
PermitRootLogin yes
Uncomment it so it looks like
PermitRootLogin no

4. Save the file
Ctrl+X then Y and enter

5. Type: groupadd anotheruser

6. Type: useradd anotheruser -ganotheruser

7. Type: passwd anotheruser passwordhere

On a CPanel system, you can (MUST) now go into root WHM and add anotheruser to the wheel group. After you do this, you will have to login as anotheruser then you will ‘su -‘ to get to root.

Facebook Comments
Spread the love

Posted by News Monkey