LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Key based authentication only for root for SSH (http://www.linuxquestions.org/questions/linux-security-4/key-based-authentication-only-for-root-for-ssh-720025/)

the_gripmaster 04-18-2009 08:28 AM

Key based authentication only for root for SSH
 
I disabled direct login of root by modifying /etc/ssh/sshd_config as follows:

PermitRootLogin no

This, however, disables direct root login for all authentication methods.Is there any parameter in the sshd_config file which I can change to allow direct login of root for only key-based authentication?

TIA.

unSpawn 04-18-2009 10:01 AM

Quote:

Originally Posted by the_gripmaster (Post 3513166)
This, however, disables direct root login

...which is good...


Quote:

Originally Posted by the_gripmaster (Post 3513166)
change to allow direct login of root

...which would be bad since you should not (want to) log in as root anyway.

AlucardZero 04-18-2009 10:09 AM

Code:

man sshd_config
Quote:

PermitRootLogin
Specifies whether root can log in using ssh(1). The argument must be “yes”,
“without-password”, “forced-commands-only” or “no”. The default is “yes”.

If this option is set to “without-password” password authentication is disabled for
root.

If this option is set to “forced-commands-only” root login with public key authenti‐
cation will be allowed, but only if the command option has been specified (which may
be useful for taking remote backups even if root login is normally not allowed).
All other authentication methods are disabled for root.

If this option is set to “no” root is not allowed to log in.

unSpawn 04-18-2009 10:12 AM

Good one. I'll go read some more manual pages...

the_gripmaster 04-18-2009 05:43 PM

@AlucardZero
 
Thanks man.


All times are GMT -5. The time now is 02:33 PM.