:'''Perform the following steps:'''
# For this section, you will still be using your '''c7host''' and '''centos1''' VMs.<br><br>The next change you can make is to prevent the root account from logging in to sshd altogether.<br><br>
# Change to your '''centos1''' VM and open a terminal.
# Edit the file '''/etc/ssh/sshd_config''' and look for the option <b><code><span style="color:#3366CC;font-size:1.2em;">PermitRootLogin</span></code></b>.<br><u>'''Un-comment the option'''</u> (or add the option if it does not appear) and change the option value to <b><code><span style="color:#3366CC;font-size:1.2em;">no</span></code></b>.<br><br>'''NOTE:''' Now any hacking attempt also has to guess an account name as well as the password. <br>If you need to ssh with root access, ssh as a regular user and use '''su -''' to become root.<br><br>
# Even better, it is possible to restrict access to just specific users that require it:<br>Edit the file '''/etc/ssh/sshd_config''' and '''add''' a new option of <b><code><span style="color:#3366CC;font-size:1.2em;">AllowUsers yourAccountName</span></code></b> (where "yourAccountName" is your regular user account name for your centos1 VM)<br>
# In order for these changes to take effect, you need to restart the sshd daemon. Issue the following command to restart the '''sshd''' service:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">systemctl restart sshd</span></code></b>
# Try SSHing from your '''c7host''' VM to your '''centos1''' VM as '''root'''. Were you successful?
# Try SSHing from your c7host VM to your centos1 VM as your regular user account name. Did it work?
# Create another regular user called: '''other'''
# Set the password for the newly-created user called '''other'''
# Try SSHing from your c7host VM to your centos1 VM for the account called '''other'''. Why didn't it work?
# Edit the file '''/etc/ssh/sshd_config''' to add the account '''other''' for the '''AllowUsers''' option (use a space to separate usernames instead of a comma).
# Restart the ssh service.
# Try SSHing from your c7host VM to your centos1 VM for the account called '''other'''. Did it work this time?
<ol><li value="14">Finally, as a system administrator, you should periodically monitor your system logs for unauthorized login attempts.</li>
<li>On CentOS systems the log file that is used is '''/var/log/secure''' </li>
<li>It also logs all uses of the '''su''' and '''sudo''' commands.</li>
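The following is an added example, not part of the original lab: a shell function that summarizes rejected SSH logins of the kind the '''PermitRootLogin''' and '''AllowUsers''' tests above produce. The sample log lines, the IP addresses and the account name "student" are constructed for illustration; the message wording is assumed to match what OpenSSH writes on CentOS 7.

```shell
#!/bin/bash
# Constructed sample in the format of /var/log/secure (not real log data).
sample_log() {
cat <<'EOF'
Mar  3 10:01:12 centos1 sshd[2101]: ROOT LOGIN REFUSED FROM 192.0.2.10 port 40122
Mar  3 10:01:15 centos1 sshd[2101]: Failed password for root from 192.0.2.10 port 40122 ssh2
Mar  3 10:02:40 centos1 sshd[2117]: User other from 192.0.2.10 not allowed because not listed in AllowUsers
Mar  3 10:02:44 centos1 sshd[2117]: Failed password for invalid user other from 192.0.2.10 port 40130 ssh2
Mar  3 10:03:05 centos1 sshd[2130]: Failed password for invalid user admin from 198.51.100.7 port 53311 ssh2
Mar  3 10:03:09 centos1 sshd[2130]: Failed password for invalid user admin from 198.51.100.7 port 53311 ssh2
Mar  3 10:04:19 centos1 sshd[2144]: Accepted password for student from 192.0.2.10 port 40140 ssh2
Mar  3 10:05:02 centos1 su: pam_unix(su-l:session): session opened for user root by student(uid=1000)
EOF
}

# Reads log lines on stdin and prints one line per distinct rejected attempt:
#   count reason user source-ip
ssh_rejections() {
  LC_ALL=C awk '
    # The address follows the LAST from/FROM, so a login name of "from" cannot shift it.
    function src_after(word,   i) {
      for (i = NF - 1; i >= 6; i--) if ($i == word) return $(i + 1)
      return "?"
    }
    function hit(reason, user, src) { n[reason " " user " " src]++ }

    $5 !~ /^sshd\[/ { next }    # skip su, sudo and other services
    /ROOT LOGIN REFUSED FROM/ { hit("root-refused", "root", src_after("FROM")); next }
    /not allowed because not listed in AllowUsers/ {
      hit("not-in-AllowUsers", $7, src_after("from")); next
    }
    /Failed password for/ {
      user = ($9 == "invalid") ? $11 : $9    # "invalid user NAME" or just NAME
      hit("failed-password", user, src_after("from")); next
    }
    END { for (k in n) print n[k], k }
  ' | LC_ALL=C sort -k2
}

sample_log | ssh_rejections
```

On centos1, run it as root against the real log with <code>ssh_rejections < /var/log/secure</code>. Login names come from the remote side, so a name containing spaces can still confuse the field positions.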