<div>
Of causd<br />
<br />
so in /etc/ssh/sshd_config change the setting <br />
<br />
#PermitRootLogin yes<br />
<br />
into<br />
<br />
PermitRootLogin no<br />
<br />
---<br />
Logon as a restricted user and use<br />
<br />
su -<br />
<br />
to change your permissions to the root account. <br />
<br />
Tolomir
</div>


Of causd

so in /etc/ssh/sshd_config change the setting

#PermitRootLogin yes

into

PermitRootLogin no

---
Logon as a restricted user and use

su -

to change your permissions to the root account.

Tolomir

<div>
You have no obligation to answer this:<br />
<br />
jrs@server [/]# su -<br />
-bash: /bin/su: Permission denied<br />
<br />
Help :)
</div>


You have no obligation to answer this:

jrs@server [/]# su -
-bash: /bin/su: Permission denied

Help :)

<div>
jrs@server [~]# su<br />
-bash: /bin/su: Permission denied<br />
<br />
Thanks for your help,<br />
<br />
Jay<br />
<br />
P.S. I did adduser jrs then passwd jrs to make the account.
</div>


jrs@server [~]# su
-bash: /bin/su: Permission denied

Thanks for your help,

Jay

P.S. I did adduser jrs then passwd jrs to make the account.

<div>
can you login as root on that machine locally?
</div>


can you login as root on that machine locally?

<div>
Locally as in through Putty (yes, I can), servers in the US, I'm in the UK.<br />
<br />
Jay
</div>


Locally as in through Putty (yes, I can), servers in the US, I'm in the UK.

Jay

<div>
so there is a password set for root?
</div>


<div>
I'm asking because &quot;su -&quot; could be rejected if no password for root is set!
</div>


I'm asking because "su -" could be rejected if no password for root is set!

<div>
There is a nice strong password set for root.<br />
No su - jrs doesn't work<br />
<br />
:(<br />
<br />
Jay
</div>


There is a nice strong password set for root.
No su - jrs doesn't work

:(

Jay

<div>
Ok try this &nbsp;as root:<br />
<br />
chmod 755 /bin/su
</div>


Ok try this  as root:

chmod 755 /bin/su

<div>
It seems like the user jrs didn't have permissions to execute &quot;su&quot;. With &quot;chmod 755 /bin/su&quot; you grant all users the permission to execute &quot;/bin/su&quot;.<br />
<br />
If that is a security problem, set permissions to &quot;chmod 750 /bin/su&quot; and add the user to the group &quot;/bin/su&quot; is assigned to.<br />
<br />

</div>


It seems like the user jrs didn't have permissions to execute "su". With "chmod 755 /bin/su" you grant all users the permission to execute "/bin/su".

If that is a security problem, set permissions to "chmod 750 /bin/su" and add the user to the group "/bin/su" is assigned to.



<div>
Please continue the question here:<br />
<br />
<a href="https://www.experts-exchange.com/viewQuestion.jsp?qid=22719545" rel="ugc">https://www.experts-exchange.com/viewQuestion.jsp?qid=22719545</a>
</div>


Please continue the question here:

https://www.experts-exchange.com/viewQuestion.jsp?qid=22719545 [https://www.experts-exchange.com/viewQuestion.jsp?qid=22719545]

<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
I'm quite new to SSH security, so please forgive me. I've read on the internet (somewhere), that you should never login as 'root', which is what I've been doing on my server for around 4 months, is that wrong? They claim you should make an account with a root 0 UID (eh?) or use su - (what's that point?).<br />
<br />
Many Thanks,<br />
<br />
Jay
</div>
</div>


Hi,

I'm quite new to SSH security, so please forgive me. I've read on the internet (somewhere), that you should never login as 'root', which is what I've been doing on my server for around 4 months, is that wrong? They claim you should make an account with a root 0 UID (eh?) or use su - (what's that point?).

Many Thanks,

Jay

SSH Information, Don't root login??

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Linux

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Unix is a multitasking, multi-user computer operating system originally developed in 1969 at Bell Labs. Today, it is a modern OS with many commercial flavors and licensees, including FreeBSD, Hewlett-Packard’s UX, IBM AIX and Apple Mac OS-X. Apart from its command-line interface, most UNIX variations support the standardized X Window System for GUIs, with the exception of the Mac OS, which uses a proprietary system.