openbsd 禁止root远程登陆
原创
©著作权归作者所有:来自51CTO博客作者wzs803的原创作品,请联系作者获取转载授权,否则将追究法律责任
1、增加普通用户.
adduser test
# adduser
Use option ``-silent'' if you don't want to see all warnings and questions.
Reading /etc/shells
Reading /etc/login.conf
Check /etc/master.passwd
Check /etc/group
Ok, let's go.
Don't worry about mistakes. I will give you the chance later to correct any input.
Enter username []: testuser
Enter full name []: Test FAQ User
Enter shell csh ksh nologin sh [sh]: ksh
Uid [1002]: Enter
Login group testuser [testuser]:test
Login group is ``guest''. Invite testuser into other groups: guest no
[no]: no
Login class auth-defaults auth-ftp-defaults daemon default staff
[default]: Enter
Enter password []: Type password, then Enter
Enter password again []: Type password, then Enter
Name: testuser
Password: ****
Fullname: Test FAQ User
Uid: 1002
Gid: 31 (guest)
Groups: guest
Login Class: default
HOME: /home/testuser
Shell: /bin/ksh
OK? (y/n) [y]: y
Added user ``testuser''
Copy files from /etc/skel to /home/testuser
Add another user? (y/n) [y]: n
Goodbye!
2、修改/etc/group
在wheel组中修改为
为了用test登录后,使用su切换到root
3、备份sshd_config
生产机器禁止ROOT远程SSH登录:
#vi /etc/ssh/sshd_config
把#PermitRootLogin yes 修改为PermitRootLogin no
去了"#".yes改为no.
保存 。
重启sshd。
再试用root远程登录。
不能登录。OK!