[Solved] Ubuntu Disabling Logging in to root - Help?

Discussion in 'Systems Administration' started by PiggiesGoSqueal, Aug 3, 2018.

  1. I am following this tutorial: https://www.spigotmc.org/threads/best-practices-for-minecraft-linux-in-general.4223/

    I tried disabling the ability to login to root. I am sudoed atm. I typed: "nano /etc/ssh/sshd_config"

    It brought up this screen:
    https://gyazo.com/182fceb8ee43741cd905e2c0ec15a193
    https://gyazo.com/8fd32e1e25d1f4ded4ab12a78595a13c
    (idk why it's typing the ^C as I haven't done anything..)

    Why is it different then what the tutorial said I was supposed to find? How can I correctly do it?
    Note: I'm new to this so please don't use your fancy words I won't understand :p

    The tutorial says:
    Modify your SSHd config:
    Now you're probably thinking "Why would I need to do this? It works, right?" and you'd be right, however a nice touch always is changing a few basic things to boost your security.
    First of all disable root.
    You have no idea how many times I have to tell people, disable fucking root, you have sudo so why would you need to login as root?

    First of all, open up your sshd config: nano /etc/ssh/sshd_config
    Once you've done that, look for the words "PermitRootLogin"
    If it says "PermitRootLogin yes", change it to "PermitRootLogin no"
    What this will do is disable SSH logins to the user root, you have sudo -s, so who cares, you certainly don't :D.
     
  2. This looks like a QEMU session, not SSH. So perhaps SSHd is just not installed on that system. On Ubuntu, you would install it via
    Code (Text):
    apt-get install openssh-server
     
    • Useful Useful x 1
  3. Oh okay, thank you. I'll try that!
     
  4. foncused

    Moderator Patron

    Yeah, make sure openssh is installed. You can also lock the root account this way:
    Code (Bash):
    passwd -l root
    That thread is decent, but changing the SSH port to something other than 22 is optional and does not really enhance security. The original post also does not detail additional important steps (firewall, SSH keys, hardening, etc.) which you should ideally be doing as well.

    EDIT: Didn't see that another post does touch on some of the above.
     
    • Informative Informative x 1
  5. Is the firewall tutorial you linked only for Bungeecord? Could it work for a normal Spigot server too?
     
  6. foncused

    Moderator Patron

    Our firewall guide is tailored to IPTables, a common Linux firewall. You can configure it however you want for the services you intend to run on your server (including BungeeCord, Spigot, etc.).

    If you only intend to run a single Minecraft server on the default port, you just need to open port 25565.
     
    • Informative Informative x 1