Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have heard that you can prevent the root user from gaining access to the system using ssh. How do you do this? Also, if you do this is there a way to add users without logging on as root?
You need to edit your sshd config file. There is an AllowRootLogin directive that you just set to no, save the file and then restart sshd.
As for adding users, there are a couple of ways to do this. First is to log into the system as a normal user, and then use su - to become root. The second way would be to use sudo, which allows normal users to run specific commands with root privileges. Check out the sudo man pages for how to add commands.
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802
Rep:
Correct me if I'm wrong, but even if you can't ssh as root, you could still ssh as the user and sudo to run with root authority,... right??? In that capacity that person could still nerf your system...
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
Quote:
Originally posted by JaseP Correct me if I'm wrong, but even if you can't ssh as root, you could still ssh as the user and sudo to run with root authority,... right??? In that capacity that person could still nerf your system...
Most distro's support the wheel group. If you enable this on your linux box then even if the user knows the root password they can't su to it unless in the wheel group.
Originally posted by JaseP Correct me if I'm wrong, but even if you can't ssh as root, you could still ssh as the user and sudo to run with root authority,... right??? In that capacity that person could still nerf your system...
Wrong. The only commands a user can use with sudo are those that root allows them to. The way sudo works is that the user enters sudo command at the prompt. Sudo then looks in the sudoers file to see if that user has permission to use that command. If they can, then they are prompted for their password (or not depeding on how you set it up) and the command runs. However, if they do NOT have permission to run that command (i.e., it isn't in the sudoers file), then the command doesn't run. So in your case, a user could have the ability to add a user through sudo, but couldn't do anything else with root privileges.
Sudo is actually a pretty elegant way to give a user exactly the amount of root authoritiy they need to get the job done and no more.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.