The system environment is the CentOS 6.4, introduce PAM (Pluggable Authentication Modules) in a simple configuration ssh and services.
You must add a normal user, and belongs to the wheel group to ensure that other users other than root can log into the system! ! ! ! ! ! !
useradd -g wheel admin
passwd admin
1 Disable root login
vim /etc/ssh/sshd_config
Add UsePAM yes
vim /etc/pam.d/sshd line by adding:
auth required pam_listfile.so item=user sense=deny file=/etc/ssh/denyuser onerr=succeed
echo "root" >> /etc/ssh/denyuser
Listed in / etc / ssh / denyuser users will be denied use password! !
2 allows a user the wheel group (root wheel does not belong to the default) using su:
vim /etc/pam.d/su line by adding
auth required pam_wheel.so use_uid