[201/lab sheet] Improve securing ssh bit
All checks were successful
continuous-integration/laminar-elessar Build 75 succeeded in 1 minute 18 seconds .
All checks were successful
continuous-integration/laminar-elessar Build 75 succeeded in 1 minute 18 seconds .
This commit is contained in:
parent
bed2e66772
commit
3d42f255ff
1 changed files with 7 additions and 1 deletions
|
@ -151,7 +151,13 @@ Then, open PuTTY **TODO: Finish this**
|
||||||
|
|
||||||
If someone manages to get in who isn't supposed to, they could do all kinds of damage!
|
If someone manages to get in who isn't supposed to, they could do all kinds of damage!
|
||||||
|
|
||||||
The first, and easiest thing we can do it improve security is to prevent the `root` user logging in. We already have a non-root account that we use `sudo` with, so why allow direct access to `root` at all? Edit `/etc/ssh/sshd_config`, finding the line that says something like this:
|
The first, and easiest thing we can do it improve security is to prevent the `root` user logging in. We already have a non-root account that we use `sudo` with, so why allow direct access to `root` at all? Open `/etc/ssh/sshd_config` for editing like this:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo nano /etc/ssh/sshd_config
|
||||||
|
```
|
||||||
|
|
||||||
|
This will open the `nano` command-line text editor. Others exist, but they are either not installed by default or more difficult to use. You can navigate with the arrow keys. Find the line that says something like this:
|
||||||
|
|
||||||
```config
|
```config
|
||||||
PermitRootLogin yes
|
PermitRootLogin yes
|
||||||
|
|
Loading…
Reference in a new issue