System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

how root deny in web server ?

 
monu_1
Regular Advisor

how root deny in web server ?

HI all,

1) how can deny root for access web server?
2) how can use grep to /var/log/maillog which is generated in between 2.00PM to 3.00PM?

Thanks,
MKS
2 REPLIES
Steven E. Protter
Exalted Contributor

Re: how root deny in web server ?

Shalom,

1) You can disable the root account in /etc/passwd Thats going to make it pretty hard to administer the machine.

I would suggest setting up ssh to only accept root access based on pre-placed public keys.

/etc/ssh/sshd_config

#PermitRootLogin no
PermitRootLogin without-password


SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Patrick Terlisten
Honored Contributor

Re: how root deny in web server ?

Hello Manoj,

you need to disable root access over SSH. Just edit your /etc/ssh/sshd_config and reload the sshd.

PermitRootLogin no

To enable the more secure Pubkey Authentication, just add

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

to you /etc/ssh/sshd_config. You need to create a key pair and put your new generated public key in the /home/$USERNAME/.ssh/authorized_keys on the weberver. Now you can access the webserver with a normal user account and without a password. Root login is denied, so you need to use sudo or su to change you user.

Hope this helps.

Best regards,
Patrick
Best regards,
Patrick