Following the disaster that I has with the web/mail servers I have taken an additional step to secure the servers as I am still not clear what the causes of the failure were.
I have disabled direct root ssh login (which in debian is allowed by default) so you have to login as a non-privileged user and then su to root
to do this edit sshd_config
vim /etc/ssh/sshd_config
then find the line:
PermitRootLogin yes
and change it to
PermitRootLogin no
the restart ssh
/etc/init.d/ssh restart
Remember to make sure that you have a non-privileged account that works and you can su from that account to root before you do this.
No related posts.
