Disable Root Login
From A2Wiki
One of the first things you should do to secure your VPS account is create a normal user and disable remote root login. This will reduce the chances of your root account being compromised remotely, which could cause serious problems for your VPS instance.
This can be accomplished using the ‘useradd’ command which comes installed in many of the default VPS images.
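Note that the '-p' option of useradd expects an already-hashed password rather than plain text, and anything typed on the command line can end up in your shell history. It is safer to create the user first and then set the password interactively with passwd. Example commands to create a non-root administrative user would be:
useradd username
passwd username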
Once the user is created, you will need to add this user to the sudoers list. If sudo is not installed on your VPS image, you can install it with your distribution's package manager. In Debian, for example, run:
apt-get install sudo
And then edit the sudo list with:
visudo
This will open a file editor and you can add your new username to the bottom with a line such as:
username ALL=(ALL) ALL
This will give the new user access to all the commands that would be available to root. You may wish to limit this to further protect your system. For more information on customizing sudo, see ‘man sudo’ and ‘man sudoers’.
Disable Remote Login for Root
Once you have a normal user under which to do all of the administrative tasks, you will want to disable root login to SSH as a safeguard. To do this simply open /etc/ssh/sshd_config in your favorite text editor and find the line that says:
PermitRootLogin yes
And change that to:
PermitRootLogin no
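Save the file and restart the SSH service so the change takes effect, and that’s it! Before closing your root session, confirm that you can log in as the new user and run sudo. Please note that if you really mess something up and need a root shell, you can still access it from your HyperVM control panel.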
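The sshd_config edit described above can also be checked and applied by script. This is an added example, not part of the original wiki page; the function names and the sample config are constructed for illustration, and it assumes the usual whitespace-separated "Keyword value" form.

```shell
#!/bin/sh
# Added example (not from the original page): audit and enforce
# "PermitRootLogin no" in an sshd_config-style file.

# Print the effective global value. sshd uses the FIRST uncommented
# occurrence of a keyword, keywords are case-insensitive, and anything
# after a "Match" line is conditional, so scanning stops there.
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Rewrite every uncommented PermitRootLogin line (including ones inside Match
# blocks) to "no"; if no global directive exists, add one at the top.
disable_root_login() {
    file=$1
    tmp=$(mktemp) || return 1
    awk '
        /^[ \t]*#/ { print; next }
        tolower($1) == "permitrootlogin" { print "PermitRootLogin no"; next }
        { print }
    ' "$file" > "$tmp" || return 1
    if [ "$(effective_root_login "$tmp")" != "no" ]; then
        { echo "PermitRootLogin no"; cat "$tmp"; } > "$tmp.new" || return 1
        mv "$tmp.new" "$tmp"
    fi
    cat "$tmp" > "$file" && rm -f "$tmp"   # overwrite in place: keeps owner/mode
}

# Constructed sample config: the live directive is "yes" and a commented
# default sits above it, which a naive grep would also match.
demo_cfg=$(mktemp)
printf '%s\n' 'Port 22' '#PermitRootLogin prohibit-password' \
    'permitrootlogin yes' 'PasswordAuthentication yes' > "$demo_cfg"
echo "before: $(effective_root_login "$demo_cfg")"
disable_root_login "$demo_cfg"
echo "after:  $(effective_root_login "$demo_cfg")"
rm -f "$demo_cfg"
```

On a real host, run the functions against a copy of /etc/ssh/sshd_config first and validate the result with `sshd -t` before restarting the service. If the file pulls in other files with an Include line, those are read in place and can set PermitRootLogin earlier, so `sshd -T` is the authoritative view of the effective setting.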
