Disable SSH Root Logins on RHEL | spiralbound.net

Disable SSH Root Logins on RHEL

Data and Technology

Posted on April 30th, 2007

Written by cliff

Related Posts
Tags
attacker, authentication, edit, incoming, linux, networks, PermitRootLogin, red hat, rhel, root, root logins, security, ssh, sshd, sshd_config
For one reason or another RHEL does not disallow incoming ssh connections as root. This is, of course a glaring security problem which should be addressed for all systems that allow ssh connections to be made from any but the most restricted networks.

The best practice, of course, would be to make the initial ssh connection as an unprivileged user and then use the “su” command to promote yourself to root. This way, even if an attacker managed to get into the system, it would be as an unprivileged user and they would not able to do much harm. Allowing incoming ssh connections at root leaves you much more exposed to attack. Granted your root password is still protecting you, but it becomes your only layer of defense.

Ok, so how do we disallow incoming ssh connections as root on our RHEL box?

First, edit “/etc/ssh/sshd_config”

Find the section of the file that looks like this:
# Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6
Change this line:
#PermitRootLogin yes

To this:
PermitRootLogin no

Restart sshd:
/sbin/service sshd restart

People who looked at this item also looked at…
Related items
This entry was posted on Monday, April 30th, 2007 at 11:45 am and is filed under Data and Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
2 Comments

Take a look at some of the responses we've had to this article.
1. Buzz
  
  Apr 9th
  Reply
  
  Thanks for the info, the every handy google led me to this article.
  
  I should keep my own notes realy
2. Bob
  
  Jun 2nd
  Reply
  
  Yeah, I was just looking in my logwatch and I saw some people tried to log in – into SSH with root.. which they can’t log in with.
  
  I have to log in with a User and then do “sudo su -” for root.
  
  @Buzz: Make sure you actavate “sudo” too for extra security. If you search “centos using sudo” at google youll find many websites who will explain how to use it.
Leave a Reply

Let us know what you thought. Click here to cancel reply.
Name (required):

Email (required):

Website:

Message:

Visitors have tagged this post: t (364) - sshd_config root (98) - sshd root (71) - ssh_config root (64) - rhel ssh (35) - f (28) - ssh root (22) - rhel disable root login (22) - turn off ssh (21) - sshd_config disable root (20) - how to disable ssh (18) - spiralbound net (18) - dropbear disable root login (16) - redhat ssh root login (16) - disallow root ssh (16) - incoming (15) - sshd: root [net] (15) - solaris ssh root (15) - disable ssh (14) - linux disable ssh (14) - connections (14) - disable ssh redhat (13) - disable root login redhat (13) - RedHat disable root login (13) - sshd root login (13) - enable ssh RHEL (13) - rhel root login (13) - dropbear root login (13) - turn off root ssh (12) - dropbear root (12) - ssh root solaris (12) - disabling ssh in linux (11) - disable root ssh (10) - RHEL4 SSH (10) - RHEL5 ssh (10) - rhel 5 ssh (10) - rhel enable ssh (10) - RHEL SSH login without password (10) - rhel4 enable ssh (9) - rhel disable root ssh (9) - SSH disable root (9) - sshd_config root login (9) - disable ssh for root (9) - how to enable ssh in rhel5 (9) - sshd allow root (9) - how to disable SSH in Linux (8) - rhel restart sshd (8) - dropbear disable root (8) - enabling ssh for root (8) - how to enable ssh in RHEL 5 (8) - ssh disallow root (7) - disable ssh authentication (7) - ssh rhel 4 (7) - enable root ssh (7) - solaris "root ssh" (7) - redhat root ssh login (7) - how to enable ssh in rhel4 (7) - disable ssh root login (7) - RHEL 5 disable root login (7) - rhel4 sshd (7) - ssh_config disable root (7) - how to enable ssh in redhat linux (7) - enable ssh in rhel (7) - how to enable ssh redhat (7) - enable ssh on RHEL (7) - redhat enable root ssh (7) - disable ssh login (6) - enable root ssh redhat (6) - how to enable ssh in redhat (6) - RHEL sshd (6) - disabling ssh access (6) - enable ssh redhat (6) - enable SSH on RHEL 4 (6) - solaris allow root ssh (6) - disable root login rhel (6) - solaris ssh root login (6) - redhat allow root ssh (6) - sshd_config allow root (6) - enable root login redhat (6) - disallow root login ssh (6) - rhel 5 enable ssh (6) - rhel ssh root (6) - disable root ssh RHEL (6) - how to disable ssh on linux (6) - redhat ssh root (6) - redhat enable ssh (6) - SSH RHEL (6) - allow root to ssh (6) - disabling ssh linux (6) - enable ssh redhat 5 (6) - disable root login red hat (6) - how to enable ssh on RHEL4 (6) - enable ssh in redhat 4 (6) - sshd_conf root (6) - redhat 5 ssh (6) - ssh in RHEL (5) - restart ssh RHEL (5) - redhat disable root (5) - ssh disable (5) - restart sshd "rhel" (5) - restart ssh redhat (5) - RHEL ssh access (5) - rhel 4 ssh (5) - allow root ssh (5) - disable root access RedHat (5) - disable ssh on linux (5) - sshd_config rhel (5) - sshd_config root disable (5) - ssh turn off password (5) - sshd disable root (5) - turn off ssh linux (5) - RHEL ssh enable (5) - how to enable SSH in Linux (5) - solaris enable root ssh (5) - ssh + rhel4 (5) - RHEL5 enable ssh (5) - sshd_config disable root login (5) - disable ssh for user (5) - ENable SSH in RHEL4 (5) - sshd_config disallow root (5) - RHEL root ssh (5) - disallow ssh (5) - ssh_config root login (5) - enable ssh root redhat (5) - solaris 10 ssh root (5) - redhat root login ssh (5) - red hat enable ssh (5) - ssh as root solaris (5) - redhat disable ssh (5) - enable ssh rhel4 (5) - rhel4 disable root login (5) - rhel winbind (4) - turn off ssh command (4) - ssh root disable (4) - rhel 4 enable ssh (4) - sshd root login rhel (4) - turn off sshd (4) - ssh root lock (4) - rhel5 disable root ssh (4) - disable ssh root (4) - how to enable ssh in RHEL ? (4) - how to enable ssh for root user (4) - enable SSH redhat 4 (4) - dropbear allow root (4) - redhat disable ssh login (4) - ssh root login redhat (4) - dropbear PermitRootLogin (4) - ssh disallow root login (4) - dropbear disallow root login (4) - rhel sshd restart (4) -