vdsmania
02-14-2005, 19:32
i read this article and try to make it
This section describes how to disable direct 'root' login to the machine and how to force the more secure SSH 2 protocols.
Disabling direct root login will force a hacker to have to guess 2 seperate passwords to gain root access.
After you do this, you will have to login as anotheruser then you will 'su -' to get to root.
We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol
Just a couple more ways to help your server stay safe from the bad guys.
If you're using cPanel make sure you add your anotheruser user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.
1. Set up anotheruser if you haven't already got one:
i. Type: groupadd anotheruser
ii. Type: useradd anotheruser -ganotheruser
iii. Type: passwd anotheruser and add a password for the new account.
On a CPanel system, you can now go into root WHM and add anotheruser to the wheel group.
2. SSH into your server as anotheruser and gain root access by going su - root and entering the root password.
3. Type: pico -w /etc/ssh/sshd_config
4. Find the line:
Code:
#Protocol 2, 1
Uncomment it and change it to look like:
Code:
Protocol 2
5. Next, find the line:
Code:
#PermitRootLogin yes
Uncomment it and make it look like:
Code:
PermitRootLogin no
6. It is also recommended that the following additional lines are added to the file:
Code:
LoginGraceTime 300
IgnoreRhosts yes
X11Forwarding no
UseLogin no
7. Hit CTRL+x, then y then enter to save the file.
8. Restart SSH with /etc/rc.d/init.d/sshd restart
i make all the things but the last restart
/etc/rc.d/init.d/sshd restart
when i write it it says no file
i looked at he /etc/rc.d/init.d/ directory i couldn't find a file for ssh could you help me
This section describes how to disable direct 'root' login to the machine and how to force the more secure SSH 2 protocols.
Disabling direct root login will force a hacker to have to guess 2 seperate passwords to gain root access.
After you do this, you will have to login as anotheruser then you will 'su -' to get to root.
We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol
Just a couple more ways to help your server stay safe from the bad guys.
If you're using cPanel make sure you add your anotheruser user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.
1. Set up anotheruser if you haven't already got one:
i. Type: groupadd anotheruser
ii. Type: useradd anotheruser -ganotheruser
iii. Type: passwd anotheruser and add a password for the new account.
On a CPanel system, you can now go into root WHM and add anotheruser to the wheel group.
2. SSH into your server as anotheruser and gain root access by going su - root and entering the root password.
3. Type: pico -w /etc/ssh/sshd_config
4. Find the line:
Code:
#Protocol 2, 1
Uncomment it and change it to look like:
Code:
Protocol 2
5. Next, find the line:
Code:
#PermitRootLogin yes
Uncomment it and make it look like:
Code:
PermitRootLogin no
6. It is also recommended that the following additional lines are added to the file:
Code:
LoginGraceTime 300
IgnoreRhosts yes
X11Forwarding no
UseLogin no
7. Hit CTRL+x, then y then enter to save the file.
8. Restart SSH with /etc/rc.d/init.d/sshd restart
i make all the things but the last restart
/etc/rc.d/init.d/sshd restart
when i write it it says no file
i looked at he /etc/rc.d/init.d/ directory i couldn't find a file for ssh could you help me