Your Webhosting Questions
Answered by the Webhosting Experts
Tags
...
...

Disable root Logins via ssh on Redhat

Before you disable root logins you should add an administrative user that can ssh into the server and become root with su.

  1. First, you will need to add the user. In the following example we will use the user name “admin”. The command adduser will automatically create the user, initial group, and home directory. We will then specify that we want to add admin to the “wheel” group. For this example, use the following command:
     
    sudo adduser admin && sudo usermod -aG wheel admin 
     
    Screenshot showing the results of the command sudo adduser admin && sudo usermod -aG wheel admin.
     
    To review the group parameters for the user:
     
    id admin
     
    Screenshot showing the results of the id admin command.
     
    To view the content of the /home directory made for the user you’ve just created:
     
    ls -lad /home/admin/
     
    Screenshot showing the results of the ls -lad /home/admin/ command.
     
  2. Now that the user “admin” been created, we need to set their password using the passwd command. When prompted, type and then retype the password.
     
    passwd admin
     
    Screenshot showing the results of the passwd admin command.
     
  3. Next, ssh to the server with the new admin user and ensure that the login works.
     
    ssh admin
     
    Screenshot of the results of the ssh admin command.
     
  4. Now, verify that you can su (switch user) to root with the admin user.
     
    sudo su
     
    Screenshot showing the results of sudo su command.

    And to confirm that you are now working as the root user, use the following command:
     
    whoami
     
    Screenshot showing the results of the command whoami.
     
  5. Edit /etc/ssh/sshd_config with your favorite text editor and change “PermitRootLogin yes” to “PermitRootLogin no”.
     
    nano /etc/ssh/sshd_config
     
    Screenshot showing the results of the nano /etc/ssh/sshd_config command.
     
  6. Finally, restart the service with either:
     
    systemctl restart sshd
     

     
    or
     
    service sshd restart
     
    Screenshot showing the results of the command service sshd restart.

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: [email protected]. We are also available to you through our phone and live chat system 24/7/365.

Tags +
...