Deny root login from Webshell?

Paul Lipinski's picture

Hi all,

I'm trying to figure out how to deny root from logging in through the webshell.  I love the fact that an SSH session is available right through a browser, but worry about the security of having root login so readily available to the world.

I can find ssh settings in webmin that prohibit root from logging in through an actual ssh session, but webshell seems to be a direct console type of application and it looks like it ignores those settings.  Even editing the ssh config file directly doesn't seem to affect anything related to webshell.

What would be the correct way to do this?

Thanks in advance!

Paul Lipinski's picture

Solved:

In /etc/default/shellinabox I changed:

SHELLINABOX_ARGS=--no-beep

to:

SHELLINABOX_ARGS="--no-beep --service=/:SSH"

This boots the shell as an SSH session.  It then follows the rules set in /etc/ssh/sshd_config:

PermitRootLogin no

Jeremy Davis's picture

That's great info and no doubt others will find it useful.

Post new comment