For security purposes my company wants me to not allow anyone to be able to log into our Ubuntu server as root remotely over SSH. We still want the root account to exist, we just do not want it to be able to be logged into remotely. How would I accomplish this?
Thank you very much in advance for your time.
I assume you meant logging in over SSH? Put the following line to /etc/ssh/sshd_config
:
PermitRootLogin no
If you want to deny certain users from logging in, put this in the configuration file:
DenyUsers root
This takes the blacklisting approach. Whitelisting is generally preferable. If your company needs to allow the rob
and admin
users log in on the server, use the following configuration directive:
AllowUsers rob admin
After making configuration file changes, restart the ssh service using the command:
sudo service ssh restart
See also the manual page.
No comments:
Post a Comment