topic Re: how root deny in web server ? in Operating System - Linux

how root deny in web server ?

monu_1 — Wed, 20 Feb 2008 06:52:40 GMT

HI all,

1) how can deny root for access web server?
2) how can use grep to /var/log/maillog which is generated in between 2.00PM to 3.00PM?

Thanks,
MKS

Re: how root deny in web server ?

Steven E. Protter — Wed, 20 Feb 2008 08:58:24 GMT

Shalom,

1) You can disable the root account in /etc/passwd Thats going to make it pretty hard to administer the machine.

I would suggest setting up ssh to only accept root access based on pre-placed public keys.

/etc/ssh/sshd_config

#PermitRootLogin no
PermitRootLogin without-password

SEP

Re: how root deny in web server ?

Patrick Terlisten — Thu, 21 Feb 2008 07:14:59 GMT

Hello Manoj,

you need to disable root access over SSH. Just edit your /etc/ssh/sshd_config and reload the sshd.

PermitRootLogin no

To enable the more secure Pubkey Authentication, just add

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

to you /etc/ssh/sshd_config. You need to create a key pair and put your new generated public key in the /home/$USERNAME/.ssh/authorized_keys on the weberver. Now you can access the webserver with a normal user account and without a password. Root login is denied, so you need to use sudo or su to change you user.

Hope this helps.

Best regards,
Patrick