disable root user?

We've had a box hacked recently and we would like to disable the root user but still be able to su or sudo and still have Webwin/Virtualmin with root privileges. We are on CentOS, is there a way to accomplish this?

Thanks!

Status: 
Active

Comments

Howdy -- any user with sudo rights can log into Virtualmin as the Master Admin.

So if you give an existing user sudo privileges, you can then disable root.

You could also just change the shell on the root account, so they can't log in via SSH and such, but can log into Virtualmin.

OK, dumb question...how do I sudo in a browser or how do I login as my user and sudo after authentication as me?

If you're logging into Virtualmin, you wouldn't need to -- that user automatically has Master Admin (root) rights.

You can see the rights the user has on the top-left, under the "Webmin" and "Virtualmin" tabs. It will say something like this if it's working as expected:

Login: USERNAME
Master admin