----------------------------------------
This article is provided free by
Stealth IT Solutions Limited
It is free for non-distribution only.
Due to the nature of this data it may
not be edited, no data may be removed
including this text.
With thanks to admin0
myshashi2010@yahoo.com
No responsibility is accepted or implied
Proceed at your own risk
------http://www.stealthhosts.com-------
secure install-defaults
By default, many applications are installed with lose security. We can tweak some settings to make it much better in terms of security.
--------------------------------------------------------------------------------
redhat, fedora, debian, bsd
Disable Direct ROOT login
In SSH
now, edit /etc/ssh/sshd_config such that the following are:
Change that line that says:
To read as follows:
Change the line that says:
To read as follows:
Restrict the use of SU command
Once after you have disabled root SSH login, you should SSH using a regular account, and then give the su command to get root access. This is true for any user that enters the su command and enters the root password. Root access means absolute access, thus, it is recommended that you limit the usernames that can use the su command and get root access.
We have a group called wheel in the linux system, so what we will do is make the username that you added above a member of the wheel group, and restrict su such that only the members of the wheel group can use su
To do this, type the following command as root:
Next open the PAM configuration file for su,
/etc/pam.d/su, in an editor and remove the comment [#] from the following line:
Doing this will permit only members of the administrative group wheel to use have access to su.
This article is provided free by
Stealth IT Solutions Limited
It is free for non-distribution only.
Due to the nature of this data it may
not be edited, no data may be removed
including this text.
With thanks to admin0
myshashi2010@yahoo.com
No responsibility is accepted or implied
Proceed at your own risk
------http://www.stealthhosts.com-------
secure install-defaults
By default, many applications are installed with lose security. We can tweak some settings to make it much better in terms of security.
--------------------------------------------------------------------------------
redhat, fedora, debian, bsd
Disable Direct ROOT login
In SSH
Code:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.originalnow, edit /etc/ssh/sshd_config such that the following are:
Change that line that says:
Code:
Protocol 2,1
Code:
Protocol 2Change the line that says:
Code:
# PermitRootLogin yes
Code:
PermitRootLogin noRestrict the use of SU command
Once after you have disabled root SSH login, you should SSH using a regular account, and then give the su command to get root access. This is true for any user that enters the su command and enters the root password. Root access means absolute access, thus, it is recommended that you limit the usernames that can use the su command and get root access.
We have a group called wheel in the linux system, so what we will do is make the username that you added above a member of the wheel group, and restrict su such that only the members of the wheel group can use su
To do this, type the following command as root:
Code:
usermod -G wheel usernameNext open the PAM configuration file for su,
/etc/pam.d/su, in an editor and remove the comment [#] from the following line:
Code:
auth required /lib/security/pam_wheel.so use_uidDoing this will permit only members of the administrative group wheel to use have access to su.
