Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Disabling Remote Management Using the Root User

  1. For security purposes, perform O&M operations as the globalcacheop user, rather than the root user.
    1. Remove the restriction that forbids common users to use the su command.
      vi /etc/pam.d/su

      Use the comment tag (#) to comment out the line in the red box.

    2. Disable remote management using the root user. 
      1
      		 
      vi /etc/ssh/sshd_config

      Change the value of PermitRootLogin to no.

    3. Run the following command to restart the SSHD service to make the configuration take effect: 
      1
      		 
      systemctl restart sshd.service
    4. Change the validity period of the O&M account password to 90 days. 
      1
      		 
      passwd -x 90 globalcacheop

      Set the number of days for generating an alarm before the O&M account expires to 7.

      1
      		 
      passwd -w 7 globalcacheop

      Enable the O&M account password to be changed within 35 days after it expires.

      1
      		 
      passwd -i 35 globalcacheop

Parent topic: Configuring Security