Root User Password Disabling

WebEndev

Member
Hello.

I have read that a good security measure is to disable password login for the root user.

If this is done, then I take it that it would have to be enabled again, each time KnownHost was asked to get involved via support ticket?

How hard is it to disable and enable? And how is it done?

What do other KH users recommend?

Thanks!
 
I disable SSH password login, and for the times I've needed KH support, I provide a private key they can use to log in. Support can also use the password to log in to WHM and temporarily re-enable SSH password login. (I consider this a bug in WHM; it should be possible to force WHM login credentials to be different than SSH login credentials.)
 
For now it's easiest for us to be able to log in with password auth. I do hope that in the future we can have a key-based auth system similar to the one cPanel's tech support uses, but there's a few projects ahead of this in line.
 
Hi Jonathan,

For now it's easiest for us to be able to log in with password auth. I do hope that in the future we can have a key-based auth system similar to the one cPanel's tech support uses, but there's a few projects ahead of this in line.

I'm just a little shell shocked from a recent hack, and am battening down the hatches :eek:

Key-based would be the ultimate way to do it, but I also need to be able to balance the KH support situation...

P.S. - is there a way in WHM to disable password authentication for SSH, or is the only way by modifying the sshd_config file on the command line?

Thanks
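
Added example, not part of the thread or any poster's code: a small check for the sshd_config change asked about above. It reports whether a config file explicitly stops root from logging in with a password, and shows why a hardening line appended below an earlier `PermitRootLogin yes` does nothing. The function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# sshd uses the FIRST value it reads for each keyword, so a hardening line
# appended below an earlier "PermitRootLogin yes" has no effect.

# Print the first global-scope value of KEYWORD in FILE (lowercased).
# Simplifications: Include files are not followed, Match blocks are skipped.
sshd_first_value() {
    awk -v key="$1" '
        { sub(/#.*/, ""); sub(/=/, " ") }      # drop comments, allow key=value
        tolower($1) == "match" { exit }        # conditional section starts here
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$2"
}

# Return 0 only if FILE explicitly stops root from using a password.
# An unset keyword returns 1 because the built-in default varies by version.
root_password_login_disabled() {
    case "$(sshd_first_value PermitRootLogin "$1")" in
        no|prohibit-password|without-password|forced-commands-only) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample files (not taken from any real server).
HARDENED=$(mktemp); APPENDED=$(mktemp)
trap 'rm -f "$HARDENED" "$APPENDED"' EXIT
cat > "$HARDENED" <<'EOF'
#PermitRootLogin yes
PermitRootLogin prohibit-password
PubkeyAuthentication yes
EOF
cat > "$APPENDED" <<'EOF'
PermitRootLogin yes
PubkeyAuthentication yes
PermitRootLogin prohibit-password
EOF

for f in "$HARDENED" "$APPENDED"; do
    if root_password_login_disabled "$f"; then
        echo "root password login: disabled"
    else
        echo "root password login: NOT disabled (PermitRootLogin=$(sshd_first_value PermitRootLogin "$f"))"
    fi
done
```

On a live server, `sshd -t` validates the file before a reload and `sshd -T` (run as root) prints the effective settings, including Include files. Keep an existing key-authenticated session open until a fresh login has been confirmed.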
 