Disable Direct Root Login and User Access via SSH to Server禁用直接根登录和用户接入通过SSH服务器
Everybody knows, including hackers and attackers that all Linux and UNIX flavored systems come with a all powerful root user account, which once get compromised, mean all hell breaks loose.大家都知道,包括和黑客攻击,所有的Linux和Unix系统的风格来与所有的强大root用户帐户,一旦获得妥协,意味着所有的地狱休息松散。 So it’sa good security practice to disable the ability for root user to able to login and gain access to the server system via SSH directly (of course, the system must have disabled FTP access).因此,这是良好的安全实践中禁用的能力,为root用户,以能够登录和获取服务器系统通过SSH直接(当然,系统必须有残疾人士的FTP访问) 。 After disabling direct root SSH remote login, the chance for the brute force hacking to success is greatly reduced.停用后,直接根的SSH远程登录,有机会为强权的黑客成功之道是大大减少。
To turn off and disable direct root SSH login, follow this simple tutorial:要关闭和禁用直接根的SSH登录,按照这个简单的教程:
IMPORTANT: Make sure you have another account (preferably belongs to wheel user group too) which is able to login via SSH remotely, and able to SU to root user account.重要事项:请确保您拥有另一个帐号(最好是属于车轮用户组太)是能够通过SSH登录远程,并能够苏以root用户的帐户。 Else you risk been locked out from your server.否则,你的风险被锁定,从您的服务器。
- SSH into server and login as root.到SSH的服务器和以root登入。
- In command shell, use pico or vi to edit sshd_config file by typing one of the following commands:在命令外壳,使用微微或vi编辑sshd_config文件中键入下列命令之一:
pico /etc/ssh/sshd_config微微的/ etc / ssh / sshd_config
vi /etc/ssh/sshd_config六的/ etc / ssh / sshd_config - Scroll down the SSH server configuration file and locate a line like below:向下滚动的SSH服务器配置文件,并找出一条线一样,如下:
#PermitRootLogin yes # permitrootlogin是
- Uncomment the line by removing the hash symbol (#), and then change the “yes” to “no”.注释行删除散列符号( # ) ,然后改变“是” “否” 。 The final line should look like below:最后一行看起来应该像如下:
PermitRootLogin no permitrootlogin没有
- Save the config file.保存配置文件。 In pico, press Ctrl-o, follow by Ctrl-x.在微微,按下Ctrl -澳,后续由按Ctrl - X的。 In vi, type :wq and press Enter.在六,类型: wq并按下Enter 。
- Restart SSH server by typing the following command in command line, and press Enter:重新启动的SSH服务器上键入以下命令,在命令行中,并按下ENTER :
/etc/rc.d/init.d/sshd restart在/ etc / rc.d / init.d /的sshd重新启动
- Logout from SSH connection.登出从ssh连接。 Try to login as root, it should fail with Access denied error.尝试以root登入,它应失败,拒绝访问错误。 To access root account, login with your own user name and password, and then SU to root.访问root帐号,登录您自己的用户名和密码,然后向苏根。
IMPORTANT : This is a machine translated page which is provided "as is" without warranty. 重要说明 :这是一个机器翻译网页是“按原样”提供的担保。 Machine translation may be difficult to understand.机器翻译可能很难理解。 Please refer to请参阅 original English article英文原版的文章 whenever possible.只要有可能。
Share and contribute or get technical support and help at分享和贡献,或取得技术的支持和帮助,在 My Digital Life Forums 我的数字生活论坛 . 。
Related Articles相关文章
- How to Get Linux Server Sends Email Alert on Root Login如何让Linux服务器发送电子邮件警报对根登录
- Disable and Turn Off Telnet in Linux禁用和关闭的Telnet在Linux
- Cannot FTP to Web Host or Server running cPanel/WHM不能FTP发布到Web主机或服务器运行的cPanel /的WHM
- cPanel Invalid License File After Changing Hostname Error的cPanel无效的许可文件后,改变主机的错误
- Restore Full Backup or cpmove File in cPanel Web Host恢复完整备份或cpmove文件中的cPanel Web主机
- Using phpMyAdmin for Effective MySQL Management in Windows XP使用phpmyadmin有效MySQL的管理在Windows XP
- Installing Web Server in FreeBSD 6.0 with Apache 2.2, MySQL 5.0 and PHP 5 - Part 3安装Web服务器在FreeBSD的6.0与2.2的Apache , MySQL 5.0的和PHP 5 -第3部分
- Change and Reset MySQL root Password改变和重置MySQL的root密码
- How to Check if Telnet Is Running on a Server如何检查,如果Telnet是运行在服务器上
- Check and Optimize MySQL Database Automatically with Crontab/Cron检查和优化MySQL数据库自动与crontab /玉米
