Restrict root users to log on only through certificates

Source: Internet
Author: User

If it is dangerous to allow root users to log in directly through a password, we usually do this: the root user is not allowed to log in directly, create a normal account, need to use root to switch through this ordinary account, it is very safe, but some people may feel trouble, such as when uploading files, Only through the ordinary account upload, upload after the change to the owner, but also with the MV command to move.

If you have the same problem with me, then the following content will be useful to you.


The first step is to create the user key, which I created through Xshell. Key type: RSA, key length: 2048 bits.

The second step is to add the public key generated by the first step to the/root/.ssh/authorized_keys file of the root account of the target server. (You may need to create the. SSH directory and the Authorized_keys file when you first add it, you need to be aware that setting the. SSH directory permissions to the 700,authorized_keys file is set to 600.) )

The third step is to modify the/etc/ssh/sshd_config file, find the Permitrootlogin, dismiss the comment if it is commented, and then change the yes or no to Without-password after it.

Finally, you can restart the SSH service.

This article is from the "Last Night Stars" blog, please make sure to keep this source http://yestreenstars.blog.51cto.com/1836303/1683224

Restrict root users to log on only through certificates

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.