Hello
I have read lots about how it's unwise to access WHM with root, although
it is really useful, the browser interface for stuff makes a lot of things easy and provides lots of feedback.
However, I am aware accessing the root login is a potential risk and I am looking at how to minimise this risk,without loosin any abilities.
So; I have setup a SSH key, for the root, which works perfectly for accessing winSCP / Putty / Filezilla etc. All good.
My question comes that:
- I would like to continue to use the WHM browser interface. How do I go about using this with my SSH key file? (Or am I confused and this is impossible?)
ConfigServer Firewall tells me:
Check SSH PasswordAuthentication :: For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication
- Once the above point 1 is setup, how do I go about disabling non-SSH logins using root? (I had researched this and thought I knew this, but that was a couple of months ago :-/ )
Cheers
I have read lots about how it's unwise to access WHM with root, although
it is really useful, the browser interface for stuff makes a lot of things easy and provides lots of feedback.
However, I am aware accessing the root login is a potential risk and I am looking at how to minimise this risk,without loosin any abilities.
So; I have setup a SSH key, for the root, which works perfectly for accessing winSCP / Putty / Filezilla etc. All good.
My question comes that:
- I would like to continue to use the WHM browser interface. How do I go about using this with my SSH key file? (Or am I confused and this is impossible?)
ConfigServer Firewall tells me:
Check SSH PasswordAuthentication :: For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication
- Once the above point 1 is setup, how do I go about disabling non-SSH logins using root? (I had researched this and thought I knew this, but that was a couple of months ago :-/ )
Cheers