Paul Lipinski's picture
Paul Lipinski - Thu, 2013/01/31 - 23:42

Hi all,

I'm trying to figure out how to deny root from logging in through the webshell.  I love the fact that an SSH session is available right through a browser, but worry about the security of having root login so readily available to the world.

I can find ssh settings in webmin that prohibit root from logging in through an actual ssh session, but webshell seems to be a direct console type of application and it looks like it ignores those settings.  Even editing the ssh config file directly doesn't seem to affect anything related to webshell.

What would be the correct way to do this?

Thanks in advance!

Forum: 
Support
Tags: 
security
login
ssh
root
webshell
Paul Lipinski's picture

Paul Lipinski - Sat, 2013/02/02 - 02:46

Solved:

In /etc/default/shellinabox I changed:

SHELLINABOX_ARGS=--no-beep

to:

SHELLINABOX_ARGS="--no-beep --service=/:SSH"

This boots the shell as an SSH session.  It then follows the rules set in /etc/ssh/sshd_config:

PermitRootLogin no

Jeremy Davis's picture

Jeremy Davis - Sat, 2013/02/02 - 05:47

That's great info and no doubt others will find it useful.

Add new comment