I believe many friends have used Linux, such as Fedora, RedHat, Ubuntu and other Linux operating systems.
Of course everyone knows that after logging in with ROOT, you can directly control all operations, including creating files and deleting files.
This is really good for some users, but it can be trouble if it is hacked, especially the server administrator.
So just think of a way to cancel the ROOT login directly, first create a user who do not have the permssion to create or delete files, and then use this account to control the linux without using the root user directly This is a basic guarantee.
1.
First, log in to the root user (or a user with root privileges) and modify the following files:
vi /etc/ssh/sshd_config
look for the text #PermitRootLogin yes, modify to PermitRootLogin no
and then save with this command
:wp
2.
Then create a new account, named admin (any name you want),
Use the following command:
useradd admin
After creating an account, remember to add a password for this account, use the following command:
passwd admin (Be careful to add a name after passwd, otherwise you will change the password of your account. If your login name is root, the root password will be changed. Pay attention to this point)
Then input the password.
3.
Finally, restart the ssh service and you are done.
If it is LINUX, enter the following
/etc/init.d/sshd restart
If it is FreeBSD, enter
/etc/rc.d/sshd restart
Now you can log out of the root account first, and then try to log in with admin.
After logging in with admin, you will find that you cannot delete and create documents, just use
su -
command to switch the root user account
Well, I hope everyone can provide simple and basic protection for your Linux operating system.
Comments
Post a Comment