How to Disable Direct Root Login to Secure Your Network

Root login is perhaps one of the very few vulnerabilities that Linux operating system faces. A person can hack into your system as a root user easily and can play with security settings. This guide will show you how to disable it so you can still login as root but just not directly, reducing the security issue.

This will force a hacker to have to go through a double security checks where he will have to give 2 separate passwords to gain root access. What happens is you’ll first need to login as your admin user in SSH, then switch to the super user with the su command to get root. It also forces the use of SSH protocol 2, which is a newer and more secure SSH protocol. This almost nullifies any chance of unauthorized access to your root account.

• SSH into your server as ‘admin’ and gain root access by su
• Copy and paste this line to edit the file for SSH logins

 /etc/ssh/sshd_config

• Find the following line:

 Protocol 2, 1

• Uncomment it, and change it to look like:

 Protocol 2

• Next, find the following line:

 PermitRootLogin yes

• Change it to:

 PermitRootLogin no

• Restart SSH using the following command:

 /etc/rc.d/init.d/sshd restart

Now, no one will be able to login to root with out first loggin in as admin and su - to root. You have now taken care of one serious problem of Linux. So relax.

[p.s. -> Do take care of the two passwords yourself or else you will be caught in your own net ]

[Source: ipfinity.com]