Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ssh - root user

Status
Not open for further replies.

holdahl

IS-IT--Management
Apr 4, 2006
213
NO
How is it possible to disable root login from ssh but still allow root to use commands like scp?


-holdahl
 
As far as i know, you have to have ssh enabled for you to use scp.

Regards,
Khalid
 
Maybe you could just restrict the root access to a speficic (and empty) directory using chroot as a workaround ...

This would mean that the root user would still be able to login but could'nt do any harm because

a) he would be unable to leave the directory
b) you can also prevent him from using any command (cd, ls, rm, mkdir, e.g.)

Regards
Thomas
 
You can create a custom .profile to recognise an ssh session and to do an exit.
 
my advice is that if you intend to restrict remote login to root via ssh then you need to restrict scp as well or there isn't much point in it.

scp can be used to undo most any restrictions you put in, if you start trying to get clever with keeping root from an interactive usable shell you could also end up with some undesired and unintended consequences. either lock remote root or dont.

scp data as a regular user and chown/move/whatever as root if youu must.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top