TurnKey Linux Virtual Appliance Library

Deny root login from Webshell?

Hi all,

I'm trying to figure out how to deny root from logging in through the webshell.  I love the fact that an SSH session is available right through a browser, but worry about the security of having root login so readily available to the world.

I can find ssh settings in webmin that prohibit root from logging in through an actual ssh session, but webshell seems to be a direct console type of application and it looks like it ignores those settings.  Even editing the ssh config file directly doesn't seem to affect anything related to webshell.

What would be the correct way to do this?

Thanks in advance!

Solved: In

Solved:

In /etc/default/shellinabox I changed:

SHELLINABOX_ARGS=--no-beep

to:

SHELLINABOX_ARGS="--no-beep --service=/:SSH"

This boots the shell as an SSH session.  It then follows the rules set in /etc/ssh/sshd_config:

PermitRootLogin no

Jeremy's picture

Thanks for posting back

That's great info and no doubt others will find it useful.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)