Save up to 30% on Dedicated Servers – Chat Now!

Your Webhosting Questions
Answered by the Webhosting Experts
Tags +
...
Tags
...
...

How can I disable root logins via ssh on Redhat?

Before you disable root logins you should add an administrative user that can ssh into the server and become root with su.

1. Add the user. In the following example we will use the user name admin. adduser will automatically create the user, initial group, and home directory. We will specify that we want to add admin to the “wheel” group.

[[email protected] ~]# adduser admin -G wheel
[[email protected] ~]#  id admin
uid=501(admin) gid=501(admin) groups=501(admin),10(wheel)
[[email protected] ~]# ls -lad /home/admin/
drwx——  2 admin admin 4096 Nov  8 16:01 /home/admin/

2. Set the password for the admin user. When prompted type and then retype the password.

[[email protected] ~]# passwd admin
Changing password for user admin.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[[email protected] ~]#

3. SSH to the server with the new admin user and ensure that the login works.

4. Verify that you can su (switch user) to root with the admin user.

[[email protected] ~]$ su –
Password:
[[email protected] ~]$ whoami
root

5. Edit /etc/ssh/sshd_config with your favorite text editor.

[[email protected] ~]# vi /etc/ssh/sshd_config
Change this line:

#PermitRootLogin yes

to this:

PermitRootLogin no

6. Ensure that you are logged into the box with another shell before restarting sshd to avoid locking yourself out of the server.

[[email protected] ~]# /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[[email protected] ~]#

Share

Facebook
Twitter
LinkedIn
Email
WhatsApp

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: [email protected] We are also available to you through our phone and live chat system 24/7/365.