ssh root login dont work after "Securing trixbox C

Discussion in 'General' started by alben, Jan 29, 2010.

  1. alben

    Joined:
    Jan 20, 2010
    Messages:
    28
    Likes Received:
    0
    Hi I was following the
    Securing trixbox CE
    (which is easy and good)
    By
    Tim Yardley
    AKA Engineer Tim

    steps like (extract)

    chkconfig --list

    chkconfig ircd off
    chkconfig netfs off
    chkconfig nfslock off
    chkconfig openibd off
    chkconfig portmap off
    chkconfig restorecond off
    chkconfig rpcgssd off
    chkconfig rpcidmapd off
    chkconfig vsftpd off

    useradd trixuser
    passwd trixuser

    /etc/ssh/sshd_config

    AllowUsers trixuser
    PermitRootLogin no
    Port 2222

    all fine

    but i really want also is a ssh user with admin rights
    so i decided to change back to initial status

    since then my ssh root login dont work anymore
    ssh trixuser is fine
    root login in elastix server is ok

    what can i do to get my ssh root login back againg?

    thanks
     
  2. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    To reverse Engineer Tim's work:

    If you remove

    AllowUsers trixuser
    PermitRootLogin no
    Port 2222


    from /etc/ssh/sshd_config

    and

    /etc/init.d/sshd restart

    (that is necessary or nothing will change) after this your sshd will be just as before.

    If ANY ssh user has root privileges, you have not improved the security however, the idea is to

    a) change the port to reduce drive-bys
    b) disallow the gaping security risk of allowing any ip to attempt root login

    so all those changes are a "good thing", the idea is to allow only a non-privileged account, and then after logging in with that account issue

    su - root (or just su - )

    which will then give you root access.

    I suggest a more robust setup might be

    allowusers <non privileged account>
    RSAAuthentication yes
    PermitRootLogin no
    Port <some arbitrary port above 1024>
    PasswordAuthentication no
    PermitEmptyPasswords yes

    and set up key pairs for authentication, make sure the keys work before PasswordAuthentication no or you will lock yourself out.

    the su - thing will still work fine



    for your reference:
    http://www.faqs.org/docs/securing/chap15sec122.html
     
  3. alben

    Joined:
    Jan 20, 2010
    Messages:
    28
    Likes Received:
    0
    SOLVED

    thanks for your help
    trick was i needed to remove trixuser anyway

    now is ssh safe as manual
    thanks for the su - hint
    was not in my book which is not very good in linux
     
  4. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    no it wasn't the trixuser, your sshd server remains as unsafe as ever if you removed those lines, check /var/log/secure for attempts on your box.
     
  5. alben

    Joined:
    Jan 20, 2010
    Messages:
    28
    Likes Received:
    0
    i mean
    i forgot to remove the trixuser line, but when i removed my ssh root login worked again just as if a new elastix install, i did that just for testing purposes, of course i aplied again the security hints, changed the trixuser name, etc
    i get a dinamic public ip, also changed my freepbx password admin/admin
    am i still unsafe?

    what i need to change now is my ip/a2billing default admin/mypassword
    how i do that?

    now im looking at my var\secure file but how do i read if i was being hacked?

    thank a lot my friend
     
  6. alben

    Joined:
    Jan 20, 2010
    Messages:
    28
    Likes Received:
    0
    Securing trixbox C problem

    Hello,
    ever since i applied Securing trixbox CE,
    i cant access to my elastix from outside my LAN,
    I need that access so phones registers and have access a2billing from outside.

    thanks
     
  7. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    Re:Securing trixbox C problem

    Maybe engineertim or the trixbox forum can help you here. Personally I have no interest in trixbox and your post only mentions ssh, I suggest you undo eberything you did bit by bit and see when it starts working again.
     
  8. alben

    Joined:
    Jan 20, 2010
    Messages:
    28
    Likes Received:
    0
    Re:Securing trixbox C problem

    my mistake, the router firewall was blocking
    ssh is secure now
    thanks
     

Share This Page