How to restrict root access to server using IP address

ARUN Posted in SSH
0

vi /etc/security/access.conf

Scroll down to bottom and add

========================

-:root:ALL EXCEPT   IP_ADDRESS 1      IP_ADDRESS2 

========================

You can also try :

vi /etc/security/access.conf

========================

- : ALL : ALL EXCEPT  IP_ADDRESS 1      IP_ADDRESS2

========================

ssh_exchange_identification: Connection closed by remote host

ARUN Posted in SSH
0

Check if the host file has any conflicting entries.

cat /etc/hosts.deny

cat /etc/hosts.allow

How to restrict ssh access to certain IP address.

ARUN Posted in SSH
0

vi /etc/hosts.allow

SSHD:   IP_ADDRESS    #Acenet

 vi /etc/hosts.deny

sshd: ALL

 

Create a su user disable root login and secure a server.

ARUN Posted in SSH
0

groupadd su_user

useradd -g su_user su_user

passwd su_user

cp -ar /etc/group /etc/group.bak7

vi /etc/group
Search for wheel, then append “,su_user”

EG :     “root,su_user”

vi /etc/ssh/sshd_config

PermitRootLogin  no

Scroll to the bottom of file

AllowUsers   su_user

How to show a message when we login via ssh

ARUN Posted in Boot, SSH, WHM BACKEND
0

Write the contents in file  /etc/motd

vi /etc/motd

ssh wont start even though it shows started

ARUN Posted in SSH
0

-bash-3.2# /etc/init.d/sshd restart
Stopping sshd: [FAILED]
Starting sshd: [ OK ]
-bash-3.2# pidof sshd

-bash-3.2# ps aux |grep ssh
root 24353 0.0 0.0 1836 492 pts/2 S+ 22:34 0:00 grep ssh
-bash-3.2
#

Solution :

 -bash-3.2# ls -lh /dev/null
-rw-r–r– 1 root root 12 Oct 18 22:43 /dev/null
-bash-3.2#
-bash-3.2# rm /dev/null
-bash-3.2# ls -lh /dev/null
ls: /dev/null: No such file or directory
-bash-3.2# mknod /dev/null c 1 3
-bash-3.2# ls -lh /dev/null
crw-r–r– 1 root root 1, 3 Oct 18 22:44 /dev/null
-bash-3.2# /etc/init.d/sshd start
Starting sshd: [ OK ]
-bash-3.2# 

-bash: ulimit: open files: cannot modify limit: Operation not permitted

ARUN Posted in SSH
0

Check cat /etc/rc.local to see if there is any ulimit command is added.

Error ” Permission denied (publickey,gssapi-with-mic). ” while we try to ssh.

ARUN Posted in SSH, WHM BACKEND, WHM FRONTEND
0
[[email protected] ~]# ssh 79.12.58.12
Permission denied (publickey,gssapi-with-mic).
Solution :
Please make sure to enable password authentication if its a WHM server :
Main >> Security Center >> SSH Password Authorization Tweak

Disable custom ssh port in WHM server and enable login through port 22

ARUN Posted in PORT, SSH, WHM BACKEND, WHM FRONTEND
0

How to reset SSH port through WHM

Login to WHM through non secure port 2086

http://IP_address:2086

http://Ip_address:2086/scripts2/doautofixer?autofix=safesshrestart

sshd dead but subsys locked

ARUN Posted in SSH
0

Try    killall -9 sshd

If it dont work use the below command

sshd -d
rm /dev/null
mknod /dev/null c 1 3

Setting root login email alert on a Linux server

ARUN Posted in SSH
0

How to set up a root login alert

vi /root/.bashrc

echo ‘ALERT – Root Shell Access MY JAVA SERVER on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” [email protected]

Remove su user and permit direct root login

ARUN Posted in SSH
0

vi /etc/ssh/sshd_config

PermitRootLogin yes

At the bottom of the file comment entries  :

AllowUsers UN

Passwordless ssh

ARUN Posted in SSH
0

ssh-keygen

Add rsa key to server

ARUN Posted in SSH
0

ssh-keygen

cat ~/.ssh/id_rsa.pub

cd /root/.ssh

or      cd /homefolder/.ssh/

vi authorized_keys

Insert the ket that you got from cat ~/.ssh/id_rsa.pub to this file and save

Rsa key

ARUN Posted in SSH
0

cat ~/.ssh/id_rsa.pub