How to disable root access to server and add another user to sudo in CentOs Ubuntu Debian

disable-root-access-server-add-another-user-to-sudo-centos-ubuntu-debian

How to disable root access to server and add another user to sudo in CentOs Ubuntu Debian

How to disable root access to server and add another user to sudo in CentOs Ubuntu Debian

Default administrator username is root on Linux Based Operating Systems.

its easy to remember the name (root) but sometimes this default name will be a problem as many use it do a brute-force on your server and get your server hacked.

We are going to see how to disable Direct root access to the server in CentOs, Ubuntu, Debian & Ubuntu Flavours

First you need to login to your server through SSH.
STEP 1 :
On CentOs/Redhat Based Operating System

Once logged in,

We need to create a new user as below.

Set password for the created user.

We are now going to assign su(sudo) permission to the user semiadmin, as we need this user to su and to work further as root.

Use the command nano to edit nano /etc/group to edit the wheel user settings file.

Now, Press CTRL + W and the type the word or username we created on our case its semiadmin.

You will now see the username created with the below value.

We need to add the below line in the top of the file.

Once done,

Save it by Pressing CTRL + O exit by CTRL + X

Now restart the ssh service by.

Once ssh daemon is restarted, try login with the newly created username.

You would see as below.

We have completed the part of creating the user and assigned the wheel group.

STEP 1 .1: UPDATED
On Ubuntu,Linux mint and Debian based Operating System

Once logged in,

We need to create a new user as below.

As on the above ssh log,

You will be asked to enter the users Password, Then Full Name & etc…
You can simply Press ENTER button.

Now, we are going to add this user semiadmin to wheel user.

Now, You can login to the account with the newly created user semiadmin

STEP 2 :
We should now disable the direct root user login to the server.

Which we are going to do by editing the ssh configuration file, which is located at /etc/ssh/sshd_config

Use the text editor nano to edit this file.

# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

You should see option PermitRootLogin as shown above.

Just change the settings to “no” and remove the hash”#” before the line.
or just add the line anywhere on the file.

Once done, You will not able to login to the server directly.

You should first login as semiadmin and then do su- and login with the root password.

That is all.

Do drop in your comments and suggestions, give us your feedbacks which will help us in increasing the quality of our articles.

Comments