Disable Direct Root Login

Most people use SSH to access their server over the Internet and administer it. SSH is considered a secure way of accessing a server, but with the wrong configuration it can be the opposite.

Disabling direct root login is worthwhile because an attacker then needs to guess two separate passwords: if he guesses the password of your first account, he only has restricted access to your machine and still needs to ‘su’ to gain root access.

First of all you should choose a good password for your users.

1. Let’s SSH into your server. You should log in with a second user account and ‘su’ to gain root access.

2. Open /etc/ssh/sshd_config with the editor of your choice.

vi /etc/ssh/sshd_config

3. For more security we should also disable the insecure SSH protocol version 1. To do so, find the line ‘Protocol 2, 1’ and change it to ‘Protocol 2’.

4. The next step is disabling the direct root login. The line ‘PermitRootLogin yes’ allows direct root logins; change it to ‘PermitRootLogin no’.

5. After making these changes save the file and quit your editor.

6. Now we need to restart sshd:

/etc/rc.d/init.d/sshd restart

Attention:

If you make a mistake in your sshd_config file, sshd may not start again. So take care what you are doing, and don’t log out before you have tested your changes from a second session. Otherwise you’ll need someone with physical access to your server to repair sshd’s config.
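The steps above and the warning in one added shell script (not part of the original post): it rewrites the two settings in a given sshd_config so that it can be run more than once, keeps a backup, and only restarts sshd when `sshd -t` accepts the file. The function names, the backup file name and the sample config in the comments are assumptions of this example.

```shell
#!/bin/sh
# Added example: apply 'Protocol 2' and 'PermitRootLogin no' to an sshd_config
# and validate the file before restarting the daemon.
# Function names and the .bak suffix are assumptions of this example.

# Set a keyword to a value. Active (uncommented) lines are rewritten; if there is
# none, the setting is put at the top so it is the first occurrence sshd reads
# and cannot land inside a later Match block.
set_sshd_option() {
    file="$1"; key="$2"; value="$3"; tmp="$file.tmp.$$"
    if grep -Eq "^[[:space:]]*$key([[:space:]]|$)" "$file"; then
        sed -E "s/^[[:space:]]*$key([[:space:]].*)?$/$key $value/" "$file" > "$tmp"
    else
        { printf '%s %s\n' "$key" "$value"; cat "$file"; } > "$tmp"
    fi
    mv "$tmp" "$file"
}

# Print the effective value of a keyword: sshd uses the first active occurrence.
get_sshd_option() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# Succeeds (exit 0) only when both hardening settings are in place.
is_hardened() {
    [ "$(get_sshd_option "$1" Protocol)" = "2" ] &&
    [ "$(get_sshd_option "$1" PermitRootLogin)" = "no" ]
}

harden_sshd_config() {
    cp "$1" "$1.bak"                      # keep a copy so the edit can be undone
    set_sshd_option "$1" Protocol 2
    set_sshd_option "$1" PermitRootLogin no
}

# Restart only if sshd accepts the file; a rejected config would otherwise
# leave you locked out, exactly the situation the warning above describes.
safe_restart_sshd() {
    if sshd -t -f "$1"; then
        /etc/rc.d/init.d/sshd restart
    else
        echo "sshd_config failed validation, not restarting" >&2
        return 1
    fi
}

# Usage (as root, from a session you keep open until a new login works):
#   harden_sshd_config /etc/ssh/sshd_config && safe_restart_sshd /etc/ssh/sshd_config
```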
