“Port 722”), “PermitRootLogin yes” and “PasswordAuthentication yes”. In our case we added “Port 222” (can be another port if required or multiple ports by adding a new line with i.e. Subsystem sftp /usr/lib/openssh/sftp-server PasswordAuthentication yes MaxAuthTries 3 # vi /etc/ssh/sshd_configĪnd make the necessary changes. > /etc/ssh/sshd_configĮdit the SSH configuration file to allow root login. # grep -v -E "^#|^ " /etc/ssh/sshd_config_orig | grep. Use the “grep” command to strip the original file removing all the unnecessary lines. # cp /etc/ssh/sshd_config /etc/ssh/sshd_config_orig You want to keep a copy of the original file in case something goes wrong or you want to check this file at a later stage. We prefer simple and clean configuration files containing only the required settings and parameters. The original SSH configuration file includes a lot of comments and samples which are not really required and makes it hard to read. However, we can still switch to root with the command “su root” if you have at least the root password. As such it is not possible to become root with the sudo commands “sudo -i” or “sudo su -” either. Note that for security reasons, this user is not going to be added to the “sudo” group and therefore cannot obtain any root privileges. To activate the user and be able to log in with it, we need to add a password. The “-m” option will automatically create a home directory “/home/chief”. Make sure you have generated a strong password for this new user as well and saved it in a safe place for later use such as Keepass. Since we will later disable direct root access with a password, it is important to create an additional user who will still have password access to the system.īasically it doesn’t matter what you call this user but in this case we are going to create a user “chief”. Keepass is a great open source tool that can help you generate and store passwords. Make sure you enter a strong password and that you also store this password somewhere safe. Next set a new password for root (since you are logged in as root no need to add user root to the passwd command). To allow root login over SSH we first need to set the root password by opening a terminal and switch to root. However, many system administrators prefer to work as root to avoid having to use “sudo” for almost every command and enter passwords over and over again. By default Ubuntu SSH root login is disabled and root password has not been set.
0 Comments
Leave a Reply. |