1
Is it ok and safe to remove the default user given by reliable-site? And how can I disable ssh listening on a couple domains?
Question asked by Christopher Latham - February 24, 2015 at 11:34 AM
Answered
First, as the question says, is it safe and is it OK to remove the default user, assigned by reliable-site.net once I have another user, "my user" and the "root" user both setup with passwords and ssh authorized_keys? I do not ever use the "customer" user and I see no need for it's $HOME or for the user itself.
 
Next...  can I disable "sshd" from listening on a couple of my domains? After my last ticket... LOL... where I got locked out of ssh, you all fixed this it... very quickly too... and all 5 IP's were then enabled the way that I wanted, which was exactly what I was working on when that happened. (Thanks by the way).
 
But I see that sshd is listening on all domains (4 configured now... even though I have 7 or 8 total), plus it's listening to the main IP that I connect to, which is only for the server. So, just as backup, I would like to keep at least one domain's ssh open, maybe even 2 just in case, but I feel just a bit vulnerable... at least for me... when I have 5 ssh connections being listened to.
 
If it is possible... since I have all domains as VirtualHosts and then the my hostname on my main IP & server for that only...  I would want to make sure that I fully understand how to disable and also to re-enable them each... as I do not want a repeat of getting locked out. And I want to know how to make the settings stay, until I reverse them. I'm not 100% used to Ubuntu 14.04 on a large dedicated server yet... only virtualized until now. And either 12.04 or Debian Weezy on my last dedicated.
 
Also, now that I think about it, I believe that it showed some of the sshd domains as connection established but that could be connections to reliable site (I wouldn't blame you since I did lock myself out once) or it could possibly have something to do with CloudFlare which may be monitoring them... I've never know ssh to be an option or part of their service monitoring though... or it could be a bot trying to hack  it... which is what I don't want.

2 Replies

Reply to Thread
1
Radic D. Replied
February 25, 2015 at 4:45 PM
Employee Post
It is ok to remove the default user, but it's highly recommended that the following changes be made to enhance security:
 
1. Change the default SSH port.
2. Disable the root user.
3. Firewall off any unused ports.
 
This is just a basic security ruleset that will protect against some of the more common attacks. 
0
Christopher Latham Replied
February 25, 2015 at 7:59 PM
Thank you very much. I had root set to nologin so only I can login with my private key on my laptop, but I dd not have any of the other 2 done... which I just did... so thank you for mentioning that.

Reply to Thread