[SOLVED] Can I change the name of "root" account?

netknights · 06-23-2015, 04:10 PM

Besides fail2ban, deny root login, use "limited shell"...
you could add two factor authentication to SSH.

Either use ssh keys, so that only login with ssh keys is possible or use other 2 factor authentication like privacyIDEA.

ron7000 · 06-26-2015, 04:22 PM

for ssh if you allow it, you modify /etc/ssh/sshd_config,
find the line that says PermitRootLogin and make sure 'no' is after it and not 'yes'.

you can edit /etc/securetty
I use SLES/SUSE and this file contains the device names of tty lines on which root is allowed to login.
mine is defaulted tty1 through tty6 and console. put a # in front of console to comment out that line, then the only way to gain root access is to switch user to root via su command.

in password file where it has the shell type for each user, such as /bin/bash,
you could set it to something like /bin/false but whether this will break your system or not i don't know. It would prevent anyone from getting root privileges including doing an su. I believe you would then have to have users listed in sudo or have specifically granted them certain elevated privileges before changing root's shell.

hack3rcon · 06-27-2015, 12:22 AM

I understand, It is possible but have some dangers.
I guess LQ must prepare a good document about Linux basic security.

unSpawn · 06-27-2015, 03:24 AM

Quote:

Originally Posted by hack3rcon

I know it is Odd but I don't like to have a default username in my system.

...which in the scheme of things means literally nothing. It would have been better / more efficient if you would have showed us what hardening you already have applied so we could efficiently correct and add to that.

Quote:

Originally Posted by hack3rcon

Can anyone show me some quick guide about securing linux more?

- Determine the location, type and purpose of the machine because that dictates which security documentation you will need to read.
- Start with your Linux distributions user, admin and security documentation and apply. (For example if you use Debian you could start with this, if you use CentOS you could start with this and this.)
- Then see this and this.
- Then meditate on any per-service benchmarks Cisecurity provides for say MySQL, Apache etc, etc and this (, this) and this.
- Follow that up by running an OpenVAS scan, preferably from one location that is and one that is not in any /etc/hosts.allow, firewall whitelist or other network ACL.
- Rinse and repeat when making software, configuration or user changes to the system.

Quote:

Originally Posted by hack3rcon

I guess LQ must prepare a good document about Linux basic security.

Put in some effort. You've been here long enough to know how searching LQ works. You could at least have found this.