Friday, September 1, 2017

5 - Linux Security: disabling the ROOT login


In this exercise a Linux Debian server is used:

- The goal of this exercise is to show how to prevent users from logging in as root, blocking full access to the system so that the chances of compromising the server are dramatically reduced.

- Editing the /etc/passwd file and focusing on the first line:

- Replacing that line with this new one:

- Logged in as the user johndoe, it is no longer possible to switch to the root user:

- The same applies to the roch user:

- Returning to the original configuration is possible because roch has the corresponding sudoers privileges to perform that operation, as seen in the previous exercise. From the roch user account the file /etc/passwd can be changed to its previous content:

- This exercise must be performed carefully, always ensuring that before disabling access to the root login there is at least one user (in this case roch) with enough privileges to return to the previous configuration if needed. Otherwise it would be impossible to change the system configuration, because nobody would be allowed to do it.
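
The precaution in the last point can be checked before /etc/passwd is edited. The script below is an added example, not part of the original exercise; it assumes that sudo rights come from membership of the Debian `sudo` group and that root's replacement shell is a `nologin` or `false` path, and it runs against constructed sample files that reuse the user names roch and johndoe.

```sh
#!/bin/sh
# Added example: pre-flight check before changing root's entry in /etc/passwd.
# Assumption: admin rights come from the Debian "sudo" group; per-user rules
# in /etc/sudoers are not parsed here.

# Print root's login shell (7th field) from a passwd-format file.
root_shell() {
    awk -F: '$1 == "root" { print $7 }' "$1"
}

# Succeed if the given shell path refuses interactive logins.
is_nologin() {
    case "$1" in
        */nologin|*/false) return 0 ;;
        *) return 1 ;;
    esac
}

# Print non-root sudo-group members that still have a usable login shell.
# $1 = passwd file, $2 = group file
recovery_users() {
    members=$(awk -F: '$1 == "sudo" { print $4 }' "$2" | tr ',' ' ')
    for u in $members; do
        if [ "$u" = "root" ]; then continue; fi
        shell=$(awk -F: -v u="$u" '$1 == u { print $7 }' "$1")
        if [ -n "$shell" ] && ! is_nologin "$shell"; then echo "$u"; fi
    done
    return 0
}

# Succeed only if at least one recovery user exists.
safe_to_disable_root() {
    [ -n "$(recovery_users "$1" "$2")" ]
}

# Constructed sample files (user names from the exercise, values invented).
demo_dir=$(mktemp -d)
cat > "$demo_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/usr/sbin/nologin
roch:x:1000:1000::/home/roch:/bin/bash
johndoe:x:1001:1001::/home/johndoe:/bin/bash
EOF
printf 'sudo:x:27:roch\n' > "$demo_dir/group"

if safe_to_disable_root "$demo_dir/passwd" "$demo_dir/group"; then
    echo "recovery user(s): $(recovery_users "$demo_dir/passwd" "$demo_dir/group")"
else
    echo "no sudo-capable user with a login shell: do not lock root" >&2
fi
```

On a real server the same functions can be pointed at /etc/passwd and /etc/group; a user who gets sudo rights only through a line in /etc/sudoers will not be listed.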