Linux Installation and Administration - Parkland
Last Modified:
Wednesday, 18-Oct-2006 12:33:39 CDT
You just rebooted and logged in as root at the console - what now?
You do a few things to secure the machine and THEN you attach it to
the net and check the settings.
The Procedure
- Edit the file /etc/ssh/sshd_config. In that file you add a couple of
lines:
################################################################
#sean added this before the machine was attached to the net 8-30-06
#any other comments that you wish here
PermitRootLogin no
################################################################
- service sshd restart
This is the easy RedHat way to make the machine restart the service so the
new setting takes effect; from now on root login attempts from the net
through port 22 are refused.
- Edit the file /etc/sysconfig/iptables to only allow incoming port
22 connections from shaula (216.125.253.135). This means that you will have to
rem out (comment out) the existing line for the sshd server too. (Remember to put your
comments in there when you rem it out.)
#sean accept only incoming ssh from shaula 8-30-06
-A RH-Firewall-1-INPUT -m state --state NEW -s 216.125.253.135 -m tcp -p tcp --dport 22 -j ACCEPT
Now restart iptables: there are several ways.
service iptables restart
kill -HUP `cat /var/run/iptables.pid` (note the BACKticks, not single quotes)
/etc/rc.d/init.d/iptables restart
- NOW plug in and test. At this point root should be refused when logging in
remotely but can still log in from the console, and all users should have to come
from shaula to get in.
- Use the useradd command to add the second user to the system.
useradd -c "Sean Mauney" -d /home/smauney -m -k /etc/skel smauney
would make an account for smauney with a user private group (we are not using
user private groups; every user we add goes in the "users" group). You then MUST run
the command passwd smauney and set an initial password.
- Both people work on your documentation web sites.
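The two config edits above (sshd_config and /etc/sysconfig/iptables) and the "check the settings" step, written out as an added shell example; this is not part of the handout or of RedHat. The functions take file paths as arguments so they can be tried on copies first; the demo at the bottom builds constructed sample files (a RedHat-style sshd_config and iptables file) in a temp directory and never touches the live system. The address is shaula's from the procedure; the function names are my own.

```shell
#!/bin/sh
# Added example, not part of the Parkland handout: the sshd_config and
# /etc/sysconfig/iptables edits from the procedure as functions that take the
# file path as an argument, plus the checks to run before the machine is
# plugged in.  216.125.253.135 (shaula) is the address from the handout.

# sshd uses the FIRST PermitRootLogin directive it meets and ignores any later
# one, so this reports the first active (uncommented) value, lower-cased.
effective_permit_root_login() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1"
}

# Rem out any active PermitRootLogin line, then append the block from the
# procedure.  Run on /etc/ssh/sshd_config as root, then "service sshd restart".
deny_root_ssh() {
    sed 's/^[[:space:]]*PermitRootLogin/#&/' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
    cat >> "$1" <<'EOF'
################################################################
#added before the machine was attached to the net - see the procedure
PermitRootLogin no
################################################################
EOF
}

# Number of active ACCEPT rules for tcp/22 that carry no "-s" source
# restriction.  Anything above 0 means ssh is still open to the whole net.
unrestricted_ssh_accepts() {
    awk '!/^#/ && /--dport 22/ && /-j ACCEPT/ && !/ -s / { n++ } END { print n + 0 }' "$1"
}

# Number of active ACCEPT rules for tcp/22 restricted to the given source address.
ssh_accepts_from() {
    awk -v addr="$2" '!/^#/ && /--dport 22/ && /-j ACCEPT/ && index($0, " -s " addr " ") { n++ } END { print n + 0 }' "$1"
}

# Rem out each unrestricted tcp/22 ACCEPT rule (kept as a comment, with a note)
# and put the source-restricted rule from the procedure in its place.
# Run on /etc/sysconfig/iptables as root, then "service iptables restart".
restrict_ssh_source() {
    awk -v addr="$2" '
        !/^#/ && /--dport 22/ && /-j ACCEPT/ && !/ -s / {
            print "#" $0
            print "#accept only incoming ssh from " addr
            print "-A RH-Firewall-1-INPUT -m state --state NEW -s " addr " -m tcp -p tcp --dport 22 -j ACCEPT"
            next
        }
        { print }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# The "check the settings" step: exit status 0 only if every check passes.
# $1 = sshd_config, $2 = iptables file, $3 = the only address allowed in.
pre_plugin_check() {
    [ "$(effective_permit_root_login "$1")" = "no" ] || { echo "root ssh login still permitted"; return 1; }
    [ "$(unrestricted_ssh_accepts "$2")" -eq 0 ] || { echo "ssh still accepted from the whole net"; return 1; }
    [ "$(ssh_accepts_from "$2" "$3")" -ge 1 ] || { echo "no ssh accept rule for $3"; return 1; }
    echo "ok: root ssh denied, ssh accepted only from $3"
}

# Demonstration on CONSTRUCTED copies of the two files, never on the live ones.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'Port 22' '#PermitRootLogin yes' 'PermitRootLogin yes' > "$d/sshd_config"
    printf '%s\n' '*filter' \
        '-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' \
        'COMMIT' > "$d/iptables"
    pre_plugin_check "$d/sshd_config" "$d/iptables" 216.125.253.135 || true   # fails: still default
    deny_root_ssh "$d/sshd_config"
    restrict_ssh_source "$d/iptables" 216.125.253.135
    pre_plugin_check "$d/sshd_config" "$d/iptables" 216.125.253.135           # passes
    rm -rf "$d"
}

demo
```

Run the checks on the real files as root (`pre_plugin_check /etc/ssh/sshd_config /etc/sysconfig/iptables 216.125.253.135`) after both restarts and before the cable goes in; the sshd check reads the first directive deliberately, since a `PermitRootLogin no` appended below an earlier `PermitRootLogin yes` would do nothing.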