The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ssh - Disable root login with ssh keys

Discussion in 'Security' started by cashgold, Mar 20, 2014.

  1. cashgold

    cashgold Registered

    Joined:
    Mar 20, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Hi,
    I've disabled ssh access with password preferring doing it with ssh keys.
    Now I want to disable ssh root access and add a new user to whell group.

    I've created the new user via cli more than cpanel web interface, so I don't have to put fake information like domain and so on.
    I've added the new user to the wheel group but at this point I'm stucked. I cannot ssh login with the new user because the server require an ssh key. From cpanel WHM I can generate ssh keys only for root, and from cpanel account administration panel (port 2083) I cannot access the user specific one because I created it via cli.

    Thanks
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Do you have KVM access so you can edit your sshd_config and enable passwords temporarily
     
  3. cashgold

    cashgold Registered

    Joined:
    Mar 20, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    I can access the ssh, I've not still disabled root login.
    Just want to know how to allow non-root user to access ssh with an ssh-key (not password) After being successfully I'll disable root login.
    I can create ssh key for non-root user through cpanel, but only if I create a cpanel account (with domain and additional infos)
    I'm wondering how to create ssh keys for user created through cli (command adduser)

    Thanks
     
  4. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    su username
    ssh-keygen -t dsa
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    649
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, simply access SSH as the user using the account password and then generate a key with the instructions from the last post.

    Thank you.
     
  6. cashgold

    cashgold Registered

    Joined:
    Mar 20, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Solved applying dalem suggestion and duplicating the newly created key file in /home/newuser/.ssh and renaming it to authorized_keys
     
  7. Sys Admin

    Sys Admin Well-Known Member

    Joined:
    Apr 29, 2007
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Make sure to generate new keys (public & private) for each new user for security reasons.
     
Loading...

Share This Page