LinuxHostingSupport

How to disable root login and create an alternate SSH user? In order to disable root access on your server, you need to create an alternate SSH user who have privileges to gain root access else you will be locked out of the system.

First, create a user say  ‘admin’

# useradd admin

Set a password for the new user

# passwd admin

By default, this user will have privileges to su to root but in case of a cPanel server, you need to add the user in the ‘wheel’ group.

WHM >> Security Center >> “Manage Wheel Group Users”

Once the user is created, follow the steps to disable the root access:

1) Edit the SSHD configuration file ‘sshd_config’:

pico /etc/ssh/sshd_config

2) Search the line

PermitRootLogin yes
and change it to
PermitRootLogin no

Once you are complete with the above changes, save the file and exit. You will have to restart the sshd service for the changes to take effect.

service sshd restart

Now, you will have to SSH to your server as user ‘admin’ and then su to root as follows:

login as: admin
admin@xx.xx.xx.xx’s password: <admin pass here>
[admin@server ~]$ su –
password: <root password here>
[root@server ~]#

You may receive the following message on accessing a VPS from the host server:

# vzctl enter 101
enter into VE 101 failed
Unable to open pty: No such file or directory

The reason behind is the missing tty/pty files OR the udev devices.

There are two ways of creating them, using the ‘MAKEDEV’ program OR copy the files from the host server itself.

Solution 1.

To create using the MAKEDEV program, execute the following commands on the host server:

# vzctl exec VEID /sbin/MAKEDEV tty
# vzctl exec VEID /sbin/MAKEDEV pty

You may need to update the startup files as well, so execute:

# vzctl exec VEID update-rc.d -f udev remove

Once the files are created, restart the VPS.

# vzctl restart VEID

Solution 2.

Directly copy the tty/pty files from the host server to a VPS with the following steps:

# cd /vz/root/<veid>/dev/
# rsync -a /dev/*  .

and restart the VPS.  You should now be able to enter the VPS.

• To fix the issue permanently,

1. Edit the file /etc/rc.sysinit of the VPS server:

# vi /etc/rc.sysinit

2. Search the line “/sbin/start_udev” and comment it

# /sbin/start_udev

3. Add the following lines after /sbin/start_udev commented line:

# /sbin/MAKEDEV tty
# /sbin/MAKEDEV pty

4. Now, reboot your VPS

# vzctl restart VEID

where, VEID is the VPS id of the vps in question.

You may come across the following error while restarting Apache:

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

The reason is, some Apache processes are still running though the service is stopped and the port 80 is still binded to some processes.

In this case, you need to search out for the running Apache processes and have to kill them in order to start the service properly. To search the processes, execute:

fuser -n tcp 80

this will list all the PIDs of the running processes that are binded to port 80. To kill them, execute:

kill -9 PID

where, PID are the ones you retrieved from the previous command. Once you kill the PIDs, you can start the Apache service safely. The same is applied for port 443.

Why do server not showing up 4GB of RAM? By default a server supports up to a 4GB of RAM i.e. on a non-PAE kernel. If you wish to add 4GB RAM or more, you will have to install kernel-PAE package which addresses upto 64GB of RAM. Once you install the kernel with the PAE module, the server will show you the correct amount of installed RAM.

Use yum to install the module:

yum install kernel-PAE

Once the module is installed, you will have to edit the grub configuration file to make sure the new kernel is picked up on reboot. Edit the file using your favrioute editor:

pico /etc/grub/grub.conf

and change the line

default = 1

to

default = 0

Save and Exit the file. Once done, reboot the server for the changes to take effect.

/tmp partition full… How to increase /tmp partition in Linux?

You can create a Virtual partition on Linux in case your server isn’t built with a /tmp partition OR you need to increase the size of the partition for some reason, and then you can mount the virtual partition as /tmp.

The following steps will guide you to create a virtual partition:

1) To create a virtual partition of 2GB, use the below dd command:

# dd if=/dev/zero of=/home/tmp-dir bs=1024M count=2

2) Once the partition is created, you need to create the file system on it using the mke2fs command

# mke2fs -j /home/tmp-dir

3) Now, the partition is ready to be used but you need to mount it on /tmp directory.

# mount -t ext3 -o loop /home/tmp-dir /tmp

Here, we have used ‘loop’ while mounting /home/tmp-dir partition because we are not mounting an actual block device but to make a file accessible as a block device.

4) To verify the partition, execute

# mount

5) To make sure this partition is mounted automatically after every reboot, edit the /etc/fstab file and replace the /tmp line with the following one:

/home/tmp-dir /tmp ext3 defaults,loop 0 0

Hope, this helps.