Hello,

I'm a new (on HMS) dedicated server customer. I noticed that in my server's ssh configuration AllowRootAccess is enabled. Then I see from my logs that after only 1 day, several attempts have been made to crack the root password.

Is there some reason that AllowRootAccess can't be disabled? That way at least the cracker would have to find a way in through some other account and then try to go after root with su. I have always run systems with this disabled in the past and I think it helps to tighten them up.

There should be no reason you can't. Just make sure the hmssys user (and your user) is in /etc/sudoers.

in:
/etc/ssh/sshd_config
Change:
#PermitRootLogin yes
to:
PermitRootLogin no

and /etc/init.d/sshd restart

Thanks for the quick reply.