13,420
edits
Changes
→Configuring the SSH Service
**And if they can get access to root, they can do anything.
*To prevent this, we will edit the configuration file for the ssh service to prevent root from ssh'ing into your host machine.
*Use the more command to display '''/etc/ssh/sshd_config ''' on your host.
*This file contains the configuration parameters for the ssh service.
*Lines that begin with # are comments. Either simple explanations of parameters, or parameters that have not been set.
*Open the man page for sshd_config
**This lists all the possible parameters in alphabetical order along with a brief explanation of what each one does.
**The parameter we are looking for is '''PermitRootLogin''', read its description.*Use an editor (e.g. vi) to open '''/etc/ssh/sshd_config''', and find the line that has '''PermitRootLogin'''.
**By default it is set to yes, allowing the root user to ssh in to the machine.
**Uncomment it, and change it '''PermitRootLogin''' to '''no'''.
*Now try to use ssh from one of your VMs to log into your host as root.
**You'll still be able to. This is because (for most services) the changes you make to the configuration file do not take effect until the service restarts.
