Operating System - HP-UX
1839217 Members
3013 Online
110137 Solutions
New Discussion

Disable direct root login using ssh

 
SOLVED
Go to solution
marvik
Regular Advisor

Disable direct root login using ssh

Dear All,

I want to block direct ssh root login.I am using putty.Want to ensure users login with their id and then su to root.I searched in sshd_config file but couldn't see the relevant parameter.Am i missing something?

Thanks & Rgds
9 REPLIES 9
Jaime Bolanos Rojas.
Honored Contributor

Re: Disable direct root login using ssh

Marvik,

Check this old thread, it will guide you on what you want to do

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1042982

Regards,

Jaime.
Work hard when the need comes out.
Marvin Strong
Honored Contributor

Re: Disable direct root login using ssh

Place PermitRootLogin no in sshd_config.

Mel Burslan
Honored Contributor
Solution

Re: Disable direct root login using ssh

echo "PermitRootLogin no" >> /opt/ssh/etc/sshd_config
(depending on your version of ssh config file location might differ but this location is good for recent versions of ssh, like 3.8x or 4.x)


/sbin/init.d/secsh stop
/sbin/init.d/secsh start


Hope this helps.
________________________________
UNIX because I majored in cryptology...
DCE
Honored Contributor

Re: Disable direct root login using ssh


create /etc/securetty with one line

console

This will prevent direct root logins in non-cde environments except from the console
marvik
Regular Advisor

Re: Disable direct root login using ssh

Marvin,

Do i need to restart sshd after that,I changed the parameter.

Thanx
Patrick Wallek
Honored Contributor

Re: Disable direct root login using ssh

Probably.

Better safe than sorry.
Mel Burslan
Honored Contributor

Re: Disable direct root login using ssh

yes you will need to restart sshd as I described in my previous post
________________________________
UNIX because I majored in cryptology...
Marvin Strong
Honored Contributor

Re: Disable direct root login using ssh

yes as a general rule whenever you change a parameter to any daemon you will need to restart it.
marvik
Regular Advisor

Re: Disable direct root login using ssh

Thanks to all,

Its working fine,after restarting secsh

Rgds
Marvik