[CentOS] Signing In Other than Root
Christoph Neuhaus
nihil14 at gmail.com
Tue Jan 5 13:17:42 UTC 2010
Hi,
> How do I make it so that it's impossible to SSH into the server directly
> as root?
man ssh_config ->
PermitRootLogin
Specifies whether root can login using ssh(1). The argument
must be "yes", "without-password", "forced-commands-only" or
"no". The default is "yes".
If this option is set to "without-password" password authentica-
tion is disabled for root. Note that other authentication meth-
ods (e.g., keyboard-interactive/PAM) may still allow root to
login using a password.
If this option is set to "forced-commands-only" root login with
public key authentication will be allowed, but only if the
command option has been specified (which may be useful for tak-
ing remote backups even if root login is normally not allowed).
All other authentication methods are disabled for root.
If this option is set to "no" root is not allowed to login.
You have to restart the SSH server (service sshd restart) after modifying
the file /etc/ssh/sshd_config.
Chris
More information about the CentOS
mailing list