How do I remove remote root logins on Linux Fedora core 2

How do I remove remote root logins on Fedora core 2, I want to be able to login using SSH but disable the root access except via "su".


Thanks


Jacko

[code:1]PermitRootLogin no[/code:1]
at your sshd_config.

May I recommend a couple of other measures..

Firstly, authenticate only using public / private keys rather than passphrase authentication.. as you said, login as a regular user and then gain privilege...

Furthermore you might want to consider using 'sudo' rather than su.. 'sudo' will allow you much more granularity, and you will only run as root for the duration of a task.. far less chance of doing something wrong.

I have set etc/sshd_config to:

#PermitRootLogin no

But i can still log in as root!

The public / private keys sound a good idea, do u have any info regarding the use and setup of that?

The main problem is that i checked my messages log and 2 different ip's are trying to hack into my pc!

thanks

"#" means that what follows is a comment and will not be interpreted.

about public key auth method on openssh, check
cfm.gs.washington.edu/security/ssh/client-pkauth/

Don't worry too much about failed login attempts, they are usually caused by mass-range scan & try scripts from scriptkiddies. They will try 2-3 common account combinations and go on..

Don't worry bout those scans.. as nske said, we all see them.. they try some logins like admin, temp etc etc.. if you switch to public key they wont be able to do anything at all.