Security Advisor Issues
Hello,
I've recently migrated to a new VPS and I'm trying to get everything up to scratch. I've had a look at the Security Advisor in WHM and have sorted some of the issues, but there are some which I'm not sure about!
[QUOTE]A newer kernel is installed, however the system has not been rebooted. running kernel: 2.6.32-042stab090.5, most recent installed kernel:
Reboot the system in the "Graceful Server Reboot" area. Check the boot configuration in grub.conf if the new kernel is not loaded after a reboot.
I've performed a "Graceful Server Reboot" as recommended, but the same warning above still shows when running Security Advisor. Not sure how to deal with that? [QUOTE]SSH password authentication is enabled. Disable SSH password authentication in the "SSH Password Authorization Tweak" area
Isn't SSH password authentication a good thing? I don't really understand how turning this off improves security? [QUOTE]SSH direct root logins are permitted. Manually edit /etc/ssh/sshd_config and change PermitRootLogin to "no", then restart SSH in the "Restart SSH" area
If I edit sshd_config and change PermitRootLogin to "no", won't that lock me out when I try to connect to server via SSH? Hope someone can advise on these issues. :) Myles EDIT. I'm having trouble finding the grub.conf file as in first issue above. I've looked in boot/grub/ but that just contains - splash.xpm.gz I've also looked in etc/ but it's not there either. ???
I've performed a "Graceful Server Reboot" as recommended, but the same warning above still shows when running Security Advisor. Not sure how to deal with that? [QUOTE]SSH password authentication is enabled. Disable SSH password authentication in the "SSH Password Authorization Tweak" area
Isn't SSH password authentication a good thing? I don't really understand how turning this off improves security? [QUOTE]SSH direct root logins are permitted. Manually edit /etc/ssh/sshd_config and change PermitRootLogin to "no", then restart SSH in the "Restart SSH" area
If I edit sshd_config and change PermitRootLogin to "no", won't that lock me out when I try to connect to server via SSH? Hope someone can advise on these issues. :) Myles EDIT. I'm having trouble finding the grub.conf file as in first issue above. I've looked in boot/grub/ but that just contains - splash.xpm.gz I've also looked in etc/ but it's not there either. ???
-
[QUOTE]A newer kernel is installed, however the system has not been rebooted. running kernel: 2.6.32-042stab090.5,
you are on a VZ platform you cant upgrade your OS kernel you can only do this with xen, kvm, etc [QUOTE]SSH password authentication is enabled.
its is more secure to use ssh keys [QUOTE]SSH direct root logins are permitted.
you add a user to Manage wheel group users and use su to log into root [QUOTE]EDIT. I'm having trouble finding the grub.conf
as stated before you do not have a grub.conf on a VZ platform you only have it with xen, kvm, etc as VZ platforms are not true virtualization0 -
[quote="dalem, post: 1732691">you are on a VZ platform you cant upgrade your OS kernel you can only do this with xen, kvm, etc
OK. So I just ignore that message as not applying to my setup then? [QUOTE] its is more secure to use ssh keys
So I create an SSH key and if my host needs to access the root I supply them with the key? [QUOTE]you add a user to Manage wheel group users and use su to log into root
I'll have to Google that one, as you've lost me for the moment. :) [QUOTE]as stated before you do not have a grub.conf on a VZ platform you only have it with xen, kvm, etc as VZ platforms are not true virtualization
OK, so no further action required on that. Thanks for the help! :)0 -
Hello :) 1. You could provide your hosting provider with the following document to see if they can make the change for you: [url=http://kb.parallels.com/en/118780]KB Parallels: How to change the kernel version shown inside container? 2. Yes, or they can access your VPS directly from the VPS node. 3. It's managed via: "WHM Home " Security Center " Manage Wheel Group Users" You create a user, add it to the wheel group, create a SSH key or password for this user, and then access SSH as that user. At that point, you can type "su root" to proceed to root access. Thank you. 0 -
[quote="cPanelMichael, post: 1732812">Hello :) 1. You could provide your hosting provider with the following document to see if they can make the change for you: [url=http://kb.parallels.com/en/118780]KB Parallels: How to change the kernel version shown inside container? 3. It's managed via: "WHM Home " Security Center " Manage Wheel Group Users" You create a user, add it to the wheel group, create a SSH key or password for this user, and then access SSH as that user. At that point, you can type "su root" to proceed to root access.
OK great. I'll get that sorted. Thank you. :)0
Please sign in to leave a comment.
Comments
4 comments