  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 794
  • Last Modified:

Remote root access using putty

We are trying to minimise the ability of users logging on directly as root. By forcing them to log on as their own accounts and then su'ing to root, we can audit who has done what better.
/etc/default/login has CONSOLE=/dev/console which stops people logging in as root remotely when they use telnet.
However, now we are moving towards SSH, I tried using PuTTY and found out that you CAN log in as root remotely with this product!

Does anyone know why this is allowed and how it can be stopped?

Thanks

Chris
0
Asked by: cjshepherd
1 Solution
 
PsiCop Commented:
Yes. I *assume*, since you don't say, that you are using OpenSSH.

In the sshd_config file, there is a specific entry for allowing/disallowing root login via SSH. I'll have to find it and I'll post it here.

If you're not using OpenSSH, well, we're Experts, not mindreaders. Tell us what you ARE using.
0
 
cjshepherd (Author) Commented:
Sorry - yes I am using OpenSSH.

0
 
PsiCop Commented:
What VERSION?
0
 
PsiCop Commented:
The online man page for the current version of the OpenSSH sshd_config file can be found at --> http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5&arch=&apropos=0&manpath=OpenBSD+Current

Specifically, you are probably interested in the DenyUsers and PermitRootLogin keywords. Using either one of those you will be able to block login as root using SSH.
0
 
cjshepherd (Author) Commented:
Got it! Thanks very much.
0
 
PsiCop Commented:
Don't forget to force the sshd daemon to re-read the config file after you change it. The changes are not effective until after SSH re-reads its config.

# kill -HUP [pid of sshd]

The pid is probably recorded in /var/run/sshd.pid or something similar.
0
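
Added example, not part of the thread and not OpenSSH's own code: a shell audit of an sshd_config file for the two keywords named above, PermitRootLogin and DenyUsers, followed by a validated reload. The function names are hypothetical, and the parser assumes whitespace-separated "Keyword value" lines without following Include files or evaluating Match blocks.

```shell
#!/bin/sh
# Added example: report whether a given sshd_config lets root log in over SSH.
# Assumptions: global section only; Include and Match are not evaluated.

# Lines of the global section: comments/blanks dropped, stop at first Match.
global_lines() {
    awk '/^[ \t]*#/ || /^[ \t]*$/ { next }
         tolower($1) == "match" { exit }
         { print }' "$1"
}

# sshd uses the first occurrence of PermitRootLogin; print it lowercased.
permit_root_login() {
    global_lines "$1" | awk 'tolower($1) == "permitrootlogin" {
        print tolower($2); exit }'
}

# DenyUsers lines accumulate; succeed if any lists the literal user "root".
# (Wildcard and user@host patterns are not interpreted here.)
denies_root() {
    global_lines "$1" | awk 'tolower($1) == "denyusers" {
        for (i = 2; i <= NF; i++) if ($i == "root") found = 1 }
        END { exit !found }'
}

# Verdict: blocked | restricted | allowed | unset
root_login_status() {
    if denies_root "$1"; then echo blocked; return; fi
    case "$(permit_root_login "$1")" in
        no)  echo blocked ;;
        yes) echo allowed ;;
        "")  echo unset ;;       # compiled-in default applies; varies by version
        *)   echo restricted ;;  # e.g. prohibit-password, forced-commands-only
    esac
}

# Validate the file first, then send HUP as described in the thread.
# $1 = config file, $2 = pid file (both paths are site-specific).
reload_sshd() {
    sshd -t -f "$1" && kill -HUP "$(cat "$2")"
}

# Stand-alone use: pass the config path as the first argument.
if [ "$#" -gt 0 ]; then root_login_status "$1"; fi
```

Running `sshd -t` before the HUP matters because a daemon that re-reads a broken config can exit, which on a remote-only host locks out every administrator at once.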
