13,420
edits
Changes
→Configuring a Service
===Configuring a Service===
*A common (if somewhat blatant way) to try to hack into a machine is to try to ssh as '''root ''' and brute-force the root's password.
**The root user always exists, meaning the attacker doesn't need to try guessing what user names are on your system.
**And if they can get access to root, they can do anything.
*To prevent this, we'll will edit the configuration file for the ssh service to prevent root from ssh'ing into your host machine.*Use cat the more command to display /etc/ssh/sshd_config on your host.
*This file contains the configuration parameters for the ssh service.
*Lines that begin with # are comments. Either simple explanations of parameters, or parameters that have not been set.
