Disabling remote connection to root
In this article, we will talk about a rather important aspect when working on the server, namely the root user and connecting to it. You probably leave the remote connection to the root user active in order to work from home, but in this way you put your server in great danger. The thing is that attackers can intercept the data that you send to the server when you try to log into your account remotely, and this is dangerous because a hacker will gain access to the superuser and ruin the entire server. To avoid this, this article was written, with which you can disable remote access to the root user.
Commands used
Useradd -m -s /bin/bash -c ‘Admin’ username
Passwd username
Usermod -aG sudo username
cd /var/log/
sudo cat auth.log
sudo nano /etc/ssh/sshd_config
sudo systemctl restart sshd
Video instructions
Written instructions
To be able to work remotely on the server and not endanger it, you need to create a user and grant him Sudo rights. This is done as follows
Creating a user
Useradd -m -s /bin/bash -c ‘Admin’ username
When a user is created he needs to come up with a password
Passwd username
When you have come up with a password, enter the following command to grant administrator rights
Usermod -aG sudo username
After creating a user, we need to log in using this user. To log in remotely, you can use the Putty program.
After logging in to the account, go to the logs folder by entering
cd /var/log/
The following command will show us all attempts
to log in to the
sudo cat auth.log
There will be a lot of symbols in front of you, among which you will be able to see login attempts, from which addresses they were made and their status.
Next, exit the directory by entering CD
When we were back on the main page of the terminal using any convenient text editor, open the following item (I use the nano editor)
sudo nano /etc/ssh/sshd_config
In this editor you will need to find the line
PermitRootLogin yes and change yes to No
After that, save the file and exit it
Now restart SSH protocols by entering
sudo systemctl restart sshd
After that, you can try to log in using the root user, but you will not succeed. An error will occur (An example can be seen in the video.)
Conclusion
In this article, I have shown you how to increase the security level of your server in a few steps. It was shown how to disable remote access to the root user, you can also enable remote access by following the same commands. You can see an example in the video.