Disabling SSH Root Access But Enabling SSH Keys How To Do That

Apr 3, 2009

in order to secure my server against instrusion, i disabled ssh root login and created a user for myself. however in order to access the user i need to enable SSH Password authentication

I dont enable password authentication all the time and i keep it disabled unless i need to do something via ssh.

Now my question will be, is there a way to keep the user i created and keep the root login disabled and password authentication disabled but use ssh keys for the user i created?

I was informed that if i opt to login to ssh via the user i created, the only way to do that is to enable password authentication as it cannot work with ssh keys. is this true?

I really hope someone can help me how to use the user i created together with ssh keys so i dont have to enable password authentication when loggin to ssh

View 7 Replies


ADVERTISEMENT

SSH Keys & Direct Root Login Disabled

Jul 3, 2008

Currently I have a server that has direct root SSH access disabled (have to login as regular user then su to root), but I am currently working on setting up authentication via SSH keys, but I can't seem to get it working with direct root SSH access disabled? Is this normal, and if so is there anyway to work around it?

Basically I'd like to be able to authenticate both ways; both with SSH keys or by logging in as a regular user and su to root.

View 8 Replies View Related

Disabling Direct Root Login

Apr 16, 2008

login as: hen
hen@xx.xx.xx.xx's password:
Last login:
hen@root [~]# su -
Password:
su: incorrect password

I verified that root password is correct, but no matter how many times I tried, I can't su in

Where's my su permission
-rwxr-xr-x 1 root wheel 24060 Mar 22 2007 /bin/su*

here's inside /etc/group
wheel:x:10:root,hen

View 14 Replies View Related

Disabling 'Allow Anonymous Access' For FTP In New CPanel Accounts

Apr 2, 2008

Everytime a new account is created in WHM/cPanel, the "Allow Annonymous Access for FTP" option is enabled by default. Since this is something I want turned off for all new accounts... does anyone know a way of switching this off globally in cPanel/WHM so that every new account will have this turned off by default?

View 3 Replies View Related

With SSH Key I Can Not Access The Root

Aug 17, 2008

i have a problem with shell access, and i can not access it throw ssh putty

the problem with the SSH Key i made one to enable it in my server.

now i can not access the root throw ssh putty

i removed the SSH Key from the WHM and still son nor access the root throw SSH Putty

View 7 Replies View Related

Users With Root Access

May 22, 2008

How can view all users have root access in system?

View 6 Replies View Related

Phantom Root Access

Sep 17, 2007

First, a bit of server data:

Linux version: Linux version 2.6.9-023stab033.9-entnosplit (root@rhel4-32) (gcc version 3.4.5 20051201 (Red Hat 3.4.5-2)) #1 SMP Tue Dec 5 14:54:16 MSK 2006

Running on top of Virtuozzo 3.x, SLM

Running the DirectAdmin control panel, v.1.30.2

For a couple years I've been maintaining a VPS, and I've had a command in root's .bash_profile to mail me the contents of `who` whenever root logs in (I'm certain this wouldn't catch everything, but I at least get mailed when I ssh in). However last night I got one of the dispatch emails, one that was definitely not caused by me logging in, and it was missing the `who` output in the body.

Taloncrossing: Root Shell Access on: Mon Sep 17 00:58:49 EDT 2007

I started doing some looking, starting with the logs. /var/log/messages contained these lines:

Sep 17 00:58:49 vps sshd(pam_unix)[16277]: session opened for user root by (uid=
0)
Sep 17 00:59:17 vps sshd(pam_unix)[16277]: session closed for user root

/var/log/security contained:

Sep 17 00:58:49 vps sshd[16277]: Accepted password for root from 65.98.70.202 port 45053 ssh2

To me this is pretty clear that someone had shell access to root. The session lasted just under 30 seconds. The security log showed no signs of previous failed login attempts. I referred to this topic [url]to try to find anything unusual

/var/log/wtmp has a reference somewhere to the accessing IP on grep, but 'who' will not reveal it, the same way that my email message was missing that info.

Everything else looks clean, I've run chkrootkit and rkhunter, all the warnings (issued by rkhunter) are benign, the .bash_history is clean (not flushed or any suspicious commands), logs are clean, nothing unusual is running, can't find anything out of place.

So basically I'm completely confused and have no idea what to make of all this. Was there a glitch? I can only assume that I am somehow compromised, but don't know what to make of all the data I've gathered. I'd really appreciate opinions from some of you that know this stuff way better than I do. The only action I've taken so far is changing the root password.

View 3 Replies View Related

Is Possible Access As Root To PhpMyAdmin, But How To PhpPgAdmin

Apr 24, 2009

is 100% possible access to ALL BD and admin ALL BD of MySQL from PhpMyAdmin.

How we can do it this actions in PhpPgAdmin ?

NOTE: into server with cPanel.

View 10 Replies View Related

How To Know When Some Body Access Root What He Touches..

Dec 14, 2008

I give access to some body to let's say install a software for me but is there any probram clean to show me what has he touched

View 12 Replies View Related

Getting Files Off The Root Server That Is Outside Web Access

Aug 15, 2007

I am actually very inexpirience in server management. I have a small - I believe - problem. I need to get config file onto my computer from my root server. I can access it through terminal, but it is not very confortable. The config file is on root server.

the file is located at //etc/xxx.conf

Do I need to use web browser to do it? If so how?

Or is there a way that I log to my root server through ssh and transfer onto my computer?

View 2 Replies View Related

Managing Local Root Folder Without Being Able To Access It

Nov 2, 2009

I'm planning a website at the moment but I'm wondering about a slight issue, regarding the local root folder of a website.

Currently, I'm using Dreamweaver to create a website and I have had no problems of uploading my files to a site through Dreamweaver before. But I will not have access to my computer for about one month every year. However, I have a laptop available during that month. But since my local root folder is located on my stationary computer it seems impossible for me to, in any way, use that laptop to manage my site (upload new files to the server).

View 3 Replies View Related

VPS With CentOS, LXAdmin, And FTP Server Root Access

Feb 26, 2009

I've just signed up for my first VPS with CMBHosting and the person in charge, Chetan Bakhru, seems like a genuinely nice, friendly and helpful person. In other words this new service look promising at the moment.

However ...

When I signed up I selected his CentOS/LXAdmin plan because I figured that with a pre-installed control panel like LXAdmin I could avoid as much ssh as possible and simply get "up and running" more quickly. Plus I have some experience managing my own CentOS development machine, and I know that a special software package I plan to install runs on CentOS "out of the box" -- so I was expecting good things from this new VPS.

But when my account was created LXAdmin did NOT create an FTP admin account for me with root access to my VPS!

Instead it created an account that drops me into web server's document root folder, and this is far too limiting for me. I really need FTP root server access -- and I'm surprised that LXAdmin did not provide this access by default.

Not only that, but it appears that I cannot create a new FTP account that has any deeper access than the existing admin account!

Does anyone with LXAdmin experience know if this is the way LXAdmin normally works by default? Or is this perhaps a special configuration created by my new VPS host?

View 5 Replies View Related

Access Folders In Root / Bypass Wordpress

Jul 23, 2009

My blog is set up to display in the root of my domain, although the files on the server sit within their own folder:

i.e

Server files

Public_html/wordpressfiles/

Broswer displays

www . mydomain . com/

(disaplys pages from /wordpressfiles)


The problem I have is that I can't access individual directories within the root, unrelated to wordpress.

e.g

I have

Public_html/folder2/...
Setup on the server, but if I enter the path in my browser:

www . mydomain . com/folder2

wordpress thinks I want to access:

www . mydomain . com/wordpress/folder2

...which doesn't exist.

How can I re-gain access to folders in the root, without wordpress interfering?

View 2 Replies View Related

Email Notification For Root Access In Plesk

Jul 22, 2008

How do we set our Plesk VPS so that when someone logs in as root, we will receive an email. It's on a VZ node.

View 3 Replies View Related

Change Mysql Root Password With Ssh Access?

May 29, 2008

How can change mysql root password with ssh access?

View 6 Replies View Related

Server Access Problem Using Root In Putty

Jan 3, 2008

I am having problem login to my server using root as login.

Here is the situation:
I have the root access for WHM as user1 for login, and password1 for password. This can allow me to login to my WHM.

However, in SSH (Putty) I tried to connect to the server using user1 as login, but when I typed password1, it said access denied..

View 11 Replies View Related

Recommend An ISP For Webspace? (need Php + Mysql + Root SSH Access)

Jun 9, 2008

cheap-ish place to host a PROTOTYPE website. We're going to need php + mysql, but we're going to need to have more control such as root SSH access.

Here is the list of what we need to start with:

SSH access
PHP 5
Java
MYSQL 4 or 5
Apache 2
SendMail

Any ISP recommendations?

For now this is just a prototype, and it will NOT get hammered with
traffic. But we do need an outfit that is efficient and reliable.

Ship
Shiperton Henethe

We are based in the UK.

View 11 Replies View Related

MySQL: Access Denied For Root User

Oct 25, 2007

When I deleted a database, the user apparently was orphaned because when I tried to recreate it, it returned "user already exists". I've never encountered that problem although from Googling, I see others have and they delete the user to get around it.

When I log into mysql using the da_admin@ account and attempt to remove the user with drop user <user_name>; I receive the following error message:

ERROR 1227 (42000): Access denied; you need the CREATE USER privilege for this operation

It seems I don't have rights even as the root user. How can I get remove the orphaned user?

View 8 Replies View Related

Access Denied For User 'root'@'localhost

Jun 8, 2007

I'm getting the error after running
[root@server ~]# mysqladmin processlist

Quote:

mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'

I'm running plesk on FC4.

Not too sure why it says failed or denied, as I'm root?

View 3 Replies View Related

Latest Linux Gives Untrusted Users Root Access

Nov 4, 2009

Quote:

A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.

Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.

View 8 Replies View Related

Mass Backup Accounts To Remote FTP With ROOT Access And CPanel/WH

Jan 28, 2008

I have a VPS and about 140 accounts on it. I've also got cPanel and WHM installed. I'm moving to a new host, but the thought of having to move all these accounts manually really makes me lazy I have to go into each account and go to backup -> backup to remote FTP, and yeah..

Is there any way I can mass backup all of my accounts, or all accounts I select, to a specified FTP server?

I only have root access on my VPS, but not on the server I'm moving all the backups to..

View 6 Replies View Related

ERROR 1045 (28000): Access Denied For User 'root'@'localhost' (using Password: NO)

Jul 12, 2009

Im trying to setup a mysql server on my centos vps server. Ive installed mysql server and done chkconfig and the mysql server has started. My problems start when i want to set a mysql root password.

Quote:

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

I get an error "ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)"

Which i totally dont understand because why would it want a password when im trying to set the password?

View 6 Replies View Related

Plesk 11.x / Windows :: Don't Have Root Access To Server As It Is A Webfusion Dedicated Server

Oct 16, 2013

I have Plesk 11.5 (service provider mode) on a Windows 2008 server IIS7.Most of my sites are developed in .asp and therefore i use a custom 500-100.asp error page that check s the IP of the visitor then displays either a friendly error, or if its my IP a full error of what has happened (it also emails me the error). This allows me to debug pages easily whilst developing and to keep an eye on anyone trying SQL Injection hacks on my sites (as the error and email also have session variables and IP address).I dont have root access to the server as it is a Webfusion dedicated server.I have following the Plesk documentation -

1) Switch on custom errors for the subscription
2) Look in virtual directories and navigate to error documents
3) Find the error in question (500:100) and change it to point at either a file or URL

FILE - I had the data centre add in the 500-100.asp error page in to the virtual template so that my page is available in the list of virtual files - this didn't work but that maybe because its not a static page??

URL - when i add the path it says its incorrect, if i add a fully qualified address, it accepts it but it doesn't work.give me a specific example of the URL that can be entered relative to the root as the format in the documentation isn't accepted. The last step is to restart IIS which is also an issue as i cant seem to do this from the Plesk panel..It is as if it isn't catching the 500:100 error, and only catching the general 500 error??

View 1 Replies View Related

Are Chained Root Ssl Certificates More Secure Than Single Root?

Nov 25, 2008

I have read that although chained root ssl certificates can be more difficult to install they are actually more secure since the root certificate cannot be compromised, only the intermediary.

Is this true? It looks like both google and amazon both use chained SGC certs.

View 0 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved