Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: deny ssh from root - how to?
Top Forums UNIX for Dummies Questions & Answers deny ssh from root - how to? Post 10581 by rwb1959 on Friday 16th of November 2001 03:10:26 PM
Old 11-16-2001
The short answer... YES.

You can simply not set up any "keys" in root's account.
If you can only log into the machine via ssh, only those
authorized users will have ssh capability (as themselves)
and can then "su" to root. Of course, if you have root access,
you can do anything you want including creating a ".ssh"
directory and place your own key into "authorized_keys"
thereby allowing ssh directly to root so you have to
set some policies up to make sure those with root access
do not violate them.
 

10 More Discussions You Might Find Interesting

1. AIX

Deny root rlogin

Hi, I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Discussion started by: funksen
4 Replies

2. AIX

Passwordless root authentication via SSH

Hello, I would like to issue a couple of commands as root on a remote machine without having to enter the root password. I used "ssh-keygen -t rsa" to generate the encryption keys, copied the public key to the remote machine, etc. I also tried playing around with the sshd_config file and... (3 Replies)
Discussion started by: sphericon
3 Replies

3. AIX

allow / deny root logins

Hello everyone I have to limit the root logins on my aix box (aix 5.3) I change the value on the /etc/security/user default (login and rlogin) change to false and add to root (rlogin and login = false) I tried in different ways but I got the same. Root still can login I try algo... (6 Replies)
Discussion started by: lo-lp-kl
6 Replies

4. Solaris

Deny root remote login help

I'm attempting to deny a user's ability to login as root through any remote means - ie telnet or ssh. I've read most of the threads that I can find on this site and I've looked at BigAdmin on Sun's site. I have done what has been suggested here and on BigAdmin which is to make sure that the line... (5 Replies)
Discussion started by: gonzotonka
5 Replies

5. Red Hat

How to block ssh via /etc/hosts.deny

Hi.., I am using redhat5 server, i want to know the details about to block ssh via /etc/hosts.deny. Need help immediately (1 Reply)
Discussion started by: thakshina
1 Replies

6. UNIX for Dummies Questions & Answers

Can't SSH as root anymore!

I've screwed something up in my sshd_config apparently, because I can't ssh with root anymore. I had disabled root login for security reasons, but then my ssh credentials with full administrative privelges stopped working. So then I reenabled root login (and reset ssh), but root now isn't... (3 Replies)
Discussion started by: cquarry
3 Replies

7. Solaris

Solaris 8: root can't ssh to other systems.

Hi, The issue is that root can not ssh to a Solaris 8 server: Please help. Thank you in advance! (7 Replies)
Discussion started by: aixlover
7 Replies

8. Solaris

ssh as root

Hi guys. I have two machines and I am using both as root. I need to know , is there a way by which I can ssh from Machine1 to Machine2 without giving the root password for Machine2. I actually need to write a script so that when its executed , it will ssh into another machine and run a... (4 Replies)
Discussion started by: Junaid Subhani
4 Replies

9. Solaris

Passwordless ssh for root

Hi Experts, I am trying to setup passwordless ssh for root between two of my solaris servers(say A & B). I have exchanged the public keys between both servers. Password less ssh working fine while I try to connect from Server A to Server B. However it is still asking password... (6 Replies)
Discussion started by: sai_2507
6 Replies

10. SuSE

Auditors want more security with root to root access via ssh keys

I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner: 1) Remote root access is turned off in the sshd_config file. 2) I am the only user of this admin... (6 Replies)
Discussion started by: dvbell
6 Replies

LEARN ABOUT LINUX

ssh-copy-id

SSH-COPY-ID(1)						      General Commands Manual						    SSH-COPY-ID(1)

NAME

       ssh-copy-id - install your public key in a remote machine's authorized_keys

SYNOPSIS

       ssh-copy-id [-i [identity_file]] [user@]machine

DESCRIPTION

       ssh-copy-id  is	a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/autho-
       rized_keys file.

       If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in  your
       ssh-agent.  Otherwise, if this:

	     ssh-add -L

       provides any output, it uses that in preference to the identity file.

       If  the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file.  Once it has one or more fin-
       gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
       if necessary.)

NOTES

       This program does not modify the permissions of any pre-existing files or directories. Therefore, if the remote sshd has StrictModes set in
       its configuration, then the user's home, ~/.ssh folder, and ~/.ssh/authorized_keys file may need to have group writability  disabled  manu-
       ally, e.g. via

	     chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys

       on the remote machine.

SEE ALSO

       ssh(1), ssh-agent(1), sshd(8)

OpenSSH 							 14 November 1999						    SSH-COPY-ID(1)
All times are GMT -4. The time now is 08:57 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy