文档
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Disabling Remote Logins of the Root User

  1. For security purposes, log in as the globalcacheop user, rather than as the root user, to perform O&M operations.
    1. Remove the restriction that forbids common users to use the su command.
      vi /etc/pam.d/su

      Use the comment tag (#) to comment out the line in the red box.

    2. Disable the remote login of the root user. 
      1
      		 
      vi /etc/ssh/sshd_config

      Change the value of PermitRootLogin to no.

    3. Run the following command to restart the SSHD service to make the configuration take effect: 
      1
      		 
      systemctl restart sshd.service
    4. Change the validity period of the O&M account password to 90 days. 
      1
      		 
      passwd -x 90 globalcacheop

      Set the number of days for generating an alarm before the O&M account expires to 7.

      1
      		 
      passwd -w 7 globalcacheop

      Enable the O&M account password to be changed within 35 days after it expires.

      1
      		 
      passwd -i 35 globalcacheop

Parent topic: Configuring Security