AustinTech

How To Secure SSH Root Access: originally posted at [sagonet.com)[http://forums.sagonet.com/showthread.php?t=1820] and reposted here for my own archives.

This article describes how to secure root access via SSH. The information in this article applies to both cPanel, and Interworx based server.

More Information 1. SSH to your server as the root superuser.

2. Backup your current SSH configuration file by typing the following command in shell:

Quote: cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup 3. Use your favorite text editor, and edit the /etc/ssh/sshd_config file. Search, and change the line that says ‘#Protocol 2, 1′ to ‘Protocol 2′. Do not save and exit the file just yet.

4. Search, and change the line that says ‘#PermitRootLogin yes’ to ‘PermitRootLogin no’. Save and exit the sshd config file.

5. Next, we will add a new user to the system, and include him in the WHEEL group. To do so, type the following command in shell:

Quote: useradd -G wheel <username> Note: If you already have an active user whom you want to add to the WHEEL group, type the following command in shell:

Quote: usermod -G wheel <username> 6. One important step is to make sure that you know the user’s password, whom you’ve just added to the WHEEL group. If you do not know the password, in shell type:

Quote: passwd <user> 7. Our last step would be to allow only the WHEEL group (whom our user is part of), to be able to run the ’su’ command in order to switch to the superuser. To do so, we will edit the /etc/pam.d/su file, and remove the ‘#’ before ‘auth required /lib/security/pam_wheel.so use_uid’

8. Make sure that you have performed correctly all the steps above before attempting to restart the sshd service in order to apply all the settings. Once you verified that everything is correct, type the following command in shell:

Quote: /etc/init.d/sshd restart