If you need to disable shell access for a particular user, that can be done by editing the line for that user in the /etc/passwd file. So if we needed to change it for a user that is named user, you would open that file with a text editor, then change the line that begins with the username. So, when opening that file, you should see something like this:
user:x:526:598::/home/user:/bin/bash
To remove the ability to log in with ssh, you can change the last path to /bin/noshell
user:x:526:598::/home/user:/bin/noshell
Then save the file. Now that user will no longer be able to ssh into your box. This is useful to elevate the security of your machine if you have multiple users and only need ssh on certain ones.
Chris April 7th, 2011
Posted In: How To
Tags: ssh
There are times when you try to update cPanel from the UI and it will fail or will hang. When this happens, you are able to force the update from the comamnd line. SSH into the server as root, then run the following command.
/scripts/upcp --force
This will show you what is going on will normally fix any update issues that you were having, but will also help you to troubleshoot any problem that may come up with the update.
Chris January 21st, 2011
Posted In: cPanel Hosting, How To
To change your SSH port on CentOS you can first edit the sshd_config file located in /etc/ssh/sshd_config.
nano /etc/ssh/sshd_config
Once you open that up the port line should be commented out and look something like this:
#Port 22
So you can uncomment it and set it to whatever port you’d like…I’ll use 2222 in this example.
Port 2222
Once you do that go ahead and save it by hitting CTRL+O and enter, then CTRL+X to exit nano. Now we need to open up the new port in iptables by running these commands:
iptables -I INPUT -p tcp --dport 2222 -j ACCEPT
/etc/init.d/iptables save
/etc/init.d/iptables restart
Now that port 2222 is open and accepting connections, we can go ahead and restart the sshd service.
/etc/init.d/sshd restart
Once you do this go ahead and open a new terminal or PuTTy session and try to connect to the new port to test that it’s working while leaving your original session open in case it does not. If it doesn’t work please be sure you followed all the instructions carefully because if you close your first session you could get locked out of your server!
Mitch January 16th, 2011
Posted In: How To
Tags: ssh
To restart the ssh service, you will need to be logged in as root, then you can run
service sshd restart
or you could alternatively use
/etc/init.d/sshd restart
Chris January 16th, 2011
Posted In: General
In order to disable root access to SSH you’ll need to edit the sshd_config file. So open it up with your favorite text editor..
nano /etc/ssh/sshd_config
The line we are looking for is:
#PermitRootLogin yes
You can uncomment this line, then change the yes to no to disable root login.
PermitRootLogin no
After you do this and save it (Ctrl+O then enter for nano) you’ll need to restart the sshd process with ‘/etc/init.d/sshd restart’. Now when you first login to SSH you’ll need to use a different username, then you can type in ‘su -‘, hit enter then type in your root password to switch to the root username if needed!
Mitch January 14th, 2011
Posted In: How To