If you are planning to deploy OpenSSH on any server, you must secure it against attackers. Several programs available on the internet can launch a brute-force attack against your SSH server. The first step toward a secure SSH server is to disable root access via SSH. Brute-force attackers often try to guess the root password using a dictionary attack.
Open the /etc/ssh/sshd_config file using your favorite editor. You must be root to do this.
Scroll down the file until you locate
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
Modify PermitRootLogin to
PermitRootLogin no
You can save the file and restart the SSH server. On Ubuntu you can do this as below.
# /etc/init.d/ssh restart
After restarting SSH, try to connect using the root account. Access will be denied. However, if you want to access root from a remote machine via SSH, log in using a normal user account and use su to become root.
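As an added example (not part of the original post), the shell functions below read an sshd_config-style file and report the PermitRootLogin value from its global section, so the edit can be checked before the restart. It assumes whitespace-separated `keyword value` lines and does not follow Include files or evaluate Match blocks; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Prints the PermitRootLogin value from the global section of the given file,
# or "unset" when no active line sets it (sshd then uses its built-in default).
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }                  # commented-out lines are not applied
        tolower($1) == "match" { exit }      # global section ends at the first Match block
        tolower($1) == "permitrootlogin" {   # keywords are case-insensitive
            print tolower($2); found = 1; exit   # the first value obtained is the one used
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Succeeds only when root login is explicitly set to "no".
root_login_disabled() {
    [ "$(effective_root_login "$1")" = "no" ]
}

# Constructed sample files (not real server configs).
SAMPLES=$(mktemp -d)
# State before the edit described in the post.
printf '%s\n' 'LoginGraceTime 120' 'PermitRootLogin yes' 'StrictModes yes' > "$SAMPLES/before"
# State after the edit.
printf '%s\n' 'LoginGraceTime 120' 'PermitRootLogin no' 'StrictModes yes' > "$SAMPLES/after"
# Common mistake: the line was edited but left commented out.
printf '%s\n' 'LoginGraceTime 120' '#PermitRootLogin no' 'StrictModes yes' > "$SAMPLES/commented"
# Common mistake: "no" appended below an earlier "yes", which still wins.
printf '%s\n' 'PermitRootLogin yes' 'permitrootlogin no' > "$SAMPLES/shadowed"

for f in before after commented shadowed; do
    if root_login_disabled "$SAMPLES/$f"; then status="root login disabled"; else status="CHECK CONFIG"; fi
    printf '%-10s PermitRootLogin=%-6s %s\n' "$f" "$(effective_root_login "$SAMPLES/$f")" "$status"
done
```

On a live system, `sshd -t` can additionally be run as root to check the edited file for syntax errors before restarting the service.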