Step 01: Add user and set the password
[root@Teletalk ~]# adduser tamim
[root@Teletalk ~]# passwd tamim
Changing password for user tamim.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
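Step 02: Add the oracle and tamim users to the wheel group
The wheel group's sudo privileges are set in the "User privilege specification" section of /etc/sudoers, which is edited with visudo. Use -a with -G so that wheel is appended; without -a, usermod replaces the user's existing supplementary groups (such as dba).
[root@Teletalk ~]# usermod -a -G wheel oracle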
[root@contentserver root]# id oracle
uid=500(oracle) gid=500(oinstall) groups=500(oinstall),10(wheel),501(dba)
[root@Teletalk ~]# usermod -a -G wheel tamim
[root@Teletalk ~]# id tamim
uid=500(tamim) gid=500(tamim) groups=500(tamim),10(wheel)
Step 03: Uncomment the pam_wheel line in /etc/pam.d/su so that only wheel group members can use su
[root@Teletalk ~]# vi /etc/pam.d/su
auth required /lib/security/$ISA/pam_wheel.so use_uid
Step 04: Modify the /etc/ssh/sshd_config file
Add the line "AllowUsers oracle tamim" to sshd_config so that only oracle and tamim are allowed to log in. Also uncomment PermitRootLogin and set it to no rather than yes.
[root@Teletalk ~]# vi /etc/ssh/sshd_config
AllowUsers oracle tamim
PermitRootLogin no
Save the file: Ctrl+X, then Y, then Enter.
Step 05: Restart the sshd Service
[root@Teletalk ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
Now you can't log in as root remotely with an ssh client or PuTTY. You have to log in as oracle or tamim and then switch user to root.
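The Step 04 edit can be checked before sshd is restarted. The script below is an added example, not part of the original post; the function names are hypothetical and the sample config is constructed. It matches plain user names only, not USER@HOST patterns.

```shell
# Added example: audit the Step 04 settings in a sshd_config file.
# sshd keeps the FIRST value it reads for a keyword; parsing stops at a Match line.
first_value() {            # $1 = keyword, $2 = config file
    awk -v key="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/); k = tolower(f[1]) }
        k == "match"      { exit }
        k == tolower(key) { print f[2]; exit }
    ' "$2"
}

# All AllowUsers entries; repeated AllowUsers lines accumulate.
allowed_users() {          # $1 = config file
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        { sub(/^[ \t]+/, ""); n = split($0, f, /[ \t=]+/); k = tolower(f[1]) }
        k == "match"      { exit }
        k == "allowusers" { for (i = 2; i <= n; i++) if (f[i] != "") printf "%s ", f[i] }
    ' "$1"
}

audit_sshd_config() {      # $1 = config file, rest = accounts that must stay allowed
    cfg=$1; shift
    root_login=$(first_value PermitRootLogin "$cfg")
    if [ "$root_login" != "no" ]; then
        echo "FAIL: effective PermitRootLogin is '${root_login:-unset}'"; return 1
    fi
    allowed=" $(allowed_users "$cfg")"
    case "$allowed" in *" root "*) echo "FAIL: root is listed in AllowUsers"; return 1 ;; esac
    for u in "$@"; do
        case "$allowed" in
            *" $u "*) ;;
            *) echo "FAIL: $u is missing from AllowUsers"; return 1 ;;
        esac
    done
    echo "OK: root login disabled; allowed users:$allowed"
}

# Constructed sample: a stock "yes" line was left above the newly added "no" line.
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' 'PermitRootLogin yes' \
    'AllowUsers oracle tamim' 'PermitRootLogin no' > "$sample"
audit_sshd_config "$sample" oracle tamim || true   # reports FAIL: the first value wins
rm -f "$sample"
```

On the server itself, run audit_sshd_config /etc/ssh/sshd_config oracle tamim and sshd -t (syntax check) before Step 05, and keep the current root session open until a new login as oracle or tamim has succeeded.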