|Perl Monk, Perl Meditation|
Re^7: [OT] A New Everything ?by afoken (Canon)
|on Sep 21, 2020 at 20:36 UTC||Need Help??|
That should not work. Really, disable root login, or at least setup public key authentication. You really, really, really don't want a password-based root login on anything reachable from the internet, not even when you use SSH. Generally, create an unprivileged user, make sure that user can use sudo (member of sudo or wheel group, depending on Linux distribution), and disable root login via ssh.
In /etc/ssh/sshd_config, set PasswordAuthentication no to completely disable login with passwords, and set PermitRootLogin no.
See also Greetings and salutations | sudo.
Q2) (No question too stupid, right) If I'm loggged in as root, do I use sudo on my commands?
Generally, you should not work as root, but instead use sudo. If you work as root, sudo is redundant, it just wastes CPU cycles.
Oh, and by the way: sudo su is still around in far too many HOWTOs. You do not need su at all, uninstall it. Use sudo -i if you insist on getting an interactive root shell. Use sudo -e somefile to edit a file as root.
Q3) How do I keep tally and track of robots that want to knock on my door?
Depends on your provider. The easiest way is to ignore them and let your provider deal with them.
Another quite easy way is to use fail2ban. It works especially well if your home (or office) uses a fixed IP address that is permanently whitelisted, that allows a very aggressive blacklisting of any system trying to access your server.
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)