Create a Local Administrative Account for Secure Shell

Before you remove root SSH access, you must create local administrative accounts that can be used for Secure Shell (SSH), that are members of the secondary wheel group, or both.
Before you deactivate direct root access, test that authorized administrators can access SSH by using AllowGroups, and that they can use the wheel group and the su command to log in as root.
  1. Log in as root and run the following commands.
    # useradd username -d /home/vropsuser -g users -G wheel -m
    # passwd username
    Wheel is the group specified in AllowGroups for SSH access. To add multiple secondary groups, use -G wheel,sshd.
  2. Switch to the user and provide a new password to ensure password complexity checking.
    # su - username
    username@hostname:~> passwd
    If the password complexity is met, the password updates. If the password complexity is not met, the password reverts to the original password, and you must rerun the password command.
    After you create the login accounts to allow SSH remote access and use the su command to log in as root using the wheel access, you can remove the root account from the SSH direct login.
  3. To remove direct login to SSH, modify the /etc/ssh/sshd_config file by replacing (#)PermitRootLogin yes with PermitRootLogin no.
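
A check for step 3, added here as an example and not part of the original procedure: it reads an sshd_config-style file and fails unless PermitRootLogin is explicitly no and wheel appears in AllowGroups, which catches the case where the line was left commented out. The function names and sample files are hypothetical, and it assumes the global section only, no Include files, and a single AllowGroups line.

```shell
#!/bin/sh
# Added example: audits an sshd_config-style file for the two settings the
# procedure relies on. Assumptions: global section only, no Include files,
# and only the first AllowGroups line is read.

# Print the first uncommented value of keyword $1 in file $2.
# sshd keywords are case-insensitive; the first PermitRootLogin value is the one used.
sshd_first_value() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }                  # skip comments, e.g. "#PermitRootLogin yes"
        tolower($1) == "match" { exit }      # stop at conditional Match blocks
        tolower($1) == tolower(key) {
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$2"
}

# Return 0 only if root login is explicitly "no" and wheel is in AllowGroups.
audit_root_ssh() {
    file=$1; rc=0
    prl=$(sshd_first_value PermitRootLogin "$file")
    allowed=$(sshd_first_value AllowGroups "$file")
    if [ "$prl" != "no" ]; then
        echo "FAIL: PermitRootLogin is '${prl:-unset}', expected 'no'"
        rc=1
    fi
    case " $allowed " in
        *" wheel "*) ;;
        *) echo "FAIL: wheel not in AllowGroups ('${allowed:-unset}')"; rc=1 ;;
    esac
    [ "$rc" -eq 0 ] && echo "OK: $file"
    return "$rc"
}

# Constructed sample files for demonstration.
demo_dir=$(mktemp -d)
printf '%s\n' '#PermitRootLogin yes' 'AllowGroups wheel' > "$demo_dir/commented"
printf '%s\n' 'PermitRootLogin no' 'AllowGroups wheel sshd' > "$demo_dir/hardened"
audit_root_ssh "$demo_dir/commented" || true
audit_root_ssh "$demo_dir/hardened"
rm -rf "$demo_dir"
```

On a live system, running sshd -T as root prints the effective configuration and is the authoritative check.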