openbsd 禁止root远程登陆

1、增加普通用户.
adduser test
# adduser
Use option ``-silent'' if you don't want to see all warnings and questions.
Reading /etc/shells
Reading /etc/login.conf
Check /etc/master.passwd
Check /etc/group
Ok, let's go.
Don't worry about mistakes. I will give you the chance later to correct any input.
Enter username []: testuser
Enter full name []: Test FAQ User
Enter shell csh ksh nologin sh [sh]: ksh
Uid [1002]: Enter
Login group testuser [testuser]:test
Login group is ``guest''. Invite testuser into other groups: guest no 
[no]: no
Login class auth-defaults auth-ftp-defaults daemon default staff 
[default]: Enter
Enter password []: Type password, then Enter
Enter password again []: Type password, then Enter
Name:        testuser
Password:    ****
Fullname:    Test FAQ User
Uid:         1002
Gid:         31 (guest)
Groups:      guest
Login Class: default
HOME:        /home/testuser
Shell:       /bin/ksh
OK? (y/n) [y]: y
Added user ``testuser''
Copy files from /etc/skel to /home/testuser
Add another user? (y/n) [y]: n
Goodbye!
2、修改/etc/group
在wheel组中修改为
wheel:*:0:root,test
为了用test登录后,使用su切换到root

3、备份sshd_config
生产机器禁止ROOT远程SSH登录:
    #vi /etc/ssh/sshd_config
把#PermitRootLogin yes 修改为PermitRootLogin no  
去了"#".yes改为no.
保存 。
重启sshd。
再试用root远程登录。
不能登录。OK!

你可能感兴趣的:(root,职场,休闲,openbsd)