Mastering Linux Security and Hardening

By: Donald A. Tevault

Overview of this book

This book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment. You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently. By the end of this book, you will be confident in delivering a system that will be much harder to compromise.

Disabling root user login


A few years ago, there was a somewhat celebrated case where malicious actors had managed to plant malware on quite a few Linux servers somewhere in Southeast Asia. There were three reasons that the bad guys found this so easy to do:

  • The internet-facing servers involved were set up to use username/password authentication for SSH
  • The root user was allowed to log in through SSH
  • User passwords, including the root user's password, were incredibly weak

All this meant that it was easy for Hail Mary to brute-force its way in.

Different distributions have different default settings for root user login. In the /etc/ssh/sshd_config file of your CentOS machine, you'll see this line:

#PermitRootLogin yes

Unlike what you have in most configuration files, the commented-out lines in sshd_config define the default settings for the Secure Shell daemon. So, this line indicates that the root user is indeed allowed to log in through SSH. To change that, I'll remove the comment symbol and change...
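
The following audit sketch is an added example, not code from the book. It reads an sshd_config file the way the paragraph above describes: the first active line for a keyword wins, and if there is none, the commented-out line is taken as the default. The function names sshd_setting and audit_sshd are hypothetical, the sample file is constructed, and only the global section (before any Match block) is examined.

```shell
#!/bin/sh
# Added example: report the effective value of sshd_config keywords.

# sshd_setting KEYWORD FILE  ->  prints "<value> set" or "<value> default"
sshd_setting() {
    awk -v want="$1" '
        BEGIN { want = tolower(want) }             # keywords are case-insensitive
        {
            line = $0
            sub(/^[ \t]+/, "", line)               # drop leading whitespace
            commented = sub(/^#[ \t]*/, "", line)  # 1 if the line was commented out
            n = split(line, f, /[ \t=]+/)          # "Key value" or "Key=value"
            key = tolower(f[1])
            if (!commented && key == "match") exit # stop at the first Match block
            if (key != want || n < 2) next
            if (!commented) { print f[2], "set"; found = 1; exit }  # first active line wins
            if (dflt == "") dflt = f[2]            # commented line documents the default
        }
        END {
            if (found) exit
            if (dflt == "") dflt = "unknown"
            print dflt, "default"
        }
    ' "$2"
}

# audit_sshd FILE  ->  returns 1 if root login or password authentication is "yes"
audit_sshd() {
    bad=0
    for kw in PermitRootLogin PasswordAuthentication; do
        result=$(sshd_setting "$kw" "$1")
        case $result in
            yes\ *) echo "FINDING: $kw = $result"; bad=1 ;;
            *)      echo "ok:      $kw = $result" ;;
        esac
    done
    return "$bad"
}

# Constructed sample: the default line quoted above plus a constructed password line.
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' 'PasswordAuthentication yes' > "$sample"
audit_sshd "$sample" || echo "=> root login and/or password authentication still enabled"
rm -f "$sample"
```

On a live host, `sshd -T` prints the configuration the daemon would actually use, which is the authoritative check once the file has been edited.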