13,420
edits
Changes
no edit summary
# Change to your '''centos1''' VM and open a terminal.
# Edit the file '''/etc/ssh/sshd_config''' and look for the option <b><code><span style="color:#3366CC;font-size:1.2em;">PermitRootLogin</span></code></b>. <u>'''<br>Un-comment the option'''</u> (or add the option if it does not appear) and change the option value to <b><code><span style="color:#3366CC;font-size:1.2em;">no</span></code></b>.<br><br>'''NOTE:''' Now any hacking attempt also has to guess an account name as well as the password.<br>If you need to ssh with root access, ssh as a regular user and use '''su -''' to become root.<br><br>
# Even better, it is possible to restrict access to just specific users that require it:<br>Edit the file '''/etc/ssh/sshd_config''' and '''add ''' a new option of <b><code><span style="color:#3366CC;font-size:1.2em;">AllowUsers accountyourAccountName</span></code></b> using '''(where "yourAccountName" is your''' login account regular user accountname for accountyour centos1 VM)<br>
# In order for these changes to take affect, you need to restart the sshd daemon. Issue the following command to restart the '''sshd''' service:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">systemctl restart sshd</span></code></b>
# Try SSHing from your '''c7host''' VM to your '''centos1''' VM as '''root'''. Where you successful? Now try SSHing from your c7host VM to your centos1 VM as a regular user that was permitted to connect via ssh. Did it work? What would happen for other user accounts that were not permitted?
