Jamie Le Souef

On my quest of knowledge of GNU/Linux, most specifically Ubuntu Server one of the things I’m contently look at is security. I’ve known for some time that Linux is by far a more secure platform than Windows or OS X but a system is only as secure as the user using it.

What i want to cover in this post is the ability to gain entry to your server via SSH and the default root account. As i said, Linux is very secure but if you have a password such as your dogs name “Fluffy” it’s not going to be at all hard for a would be attacker to gain entry via brute force - especially if they already know the user name (root)

So what do we do. We’ll we disable root from being able to log into the server via SSH.

So let’s get started.

Login to your server (presumably you’ll be using your root account or you won’t be reading this article)

ssh -l root host.name

next, we want to edit the SSH config file so fire up nano (or vi) so we can edit the file

nano -w /etc/ssh/sshd_config

Find the following section

# PermitRootLogin yes

and change it to

PermitRootLogin no

(note that we’ve removed the hash ‘#’ and also added ‘no’ at the end)

Hit Ctrl+X and save the file as you exit. So now root can’t login via SSH. Great you say but now how to I get myself in there to edit stuff? We need to add a new user who’ll have sudo privleges thats what.

So, to add a new user enter the following

useradd UserName -g wheel

This will add a new user to the wheel usergroup. Remember to change UserName for your new user name (duh)

Now set a password for the new account

passwd UserName

This is really important. Make sure that you chose a strong password. Fluffy is not considered strong by any stretch of the imagination. Click this URL for a list of random generated strong passwords (there will never be the same password twice. Refresh it and see!)

Now we need to adjust the sudoers file so that users on the wheel account can access su features.

nano -w /etc/sudoers

Find the line

# Uncomment to allow people in group wheel to run all commands
# %wheel  ALL=(ALL)       ALL

And uncomment the last line so it reads

# Uncomment to allow people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

Hit Ctrl+x to exit and save the file. And then at the prompt enter

service sshd restart

If you’ve done it all correctly, the next time you try and log in as root you should receive an error message like this “Permission denied, please try again.” You should now be able to log in with your new user name and password.

So now your in, you want to preform something that requires root access all you need to do is enter

sudo su

You’ll then be asked for you password and once entered in correctly you’ll be logged in with root privileges until you end the session or type exit.

How good is that!

Have fun

Related Posts

• August 22, 2008 -- Linux : Creating & Managing Users Accounts Part 1
• October 25, 2007 -- Secure passwords made easy!
• September 19, 2008 -- Linux Tip : Sorry, sudo must be setuid root
• September 15, 2008 -- Tip : Backing up a large MySQL Database (errno: 24)
• August 31, 2008 -- Vim Editor : 100 commands every admin should know

This entry was posted on Friday, August 22nd, 2008 at 2:13 pm and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

There are 3 Responses to “ Linux Security : Can you SSH as root? ”

1

Jamie Le Souef Says

If I’ve missed something here or you know of another security tip that i should look at please comment away (i do not have the nofollow tag on my comments… you so know you want to )

Reply - Quote

August 22nd, 2008 at 2:18 pm

Leave a Reply