Locking Down Remote Access to Linux

Hands-On Lab

 

Photo of Bob Salmans

Bob Salmans

Security Training Architect I in Content

Length

00:30:00

Difficulty

Beginner

In this lab, we will look at how to lock down remote access to a Linux host. We will accomplish this by restricting all remote logins for the root account as well as restricting SSH access based on account names.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Locking Down Remote Access to Linux

In this lab, we will look at how to lock down remote access to a Linux host. We will accomplish this by restricting remote logins for the root account as well as restricting SSH access based on account names.

Open a terminal, and log in via SSH to the cloud server using the provided credentials.

Prevent Remote Logins from Using the root Account

  1. Open the /etc/password file:

    sudo nano /etc/passwd  
  2. In the line that starts with root, replace /bin/bash with /sbin/nologin.

  3. Save and exit the /etc/password file.

Permit Only the cloud_user Account to Connect to the Host via SSH

  1. Open the sshd_config file:

    sudo nano /etc/ssh/sshd_config
  2. Add the following line to the file just under the second line of the file:

    AllowUsers cloud_user
  3. Now, restart the ssh service:

    sudo service ssh restart

Conclusion

Congratulations on completing this hands-on lab!