LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   su (command) Authentication Failure (http://www.linuxquestions.org/questions/linux-newbie-8/su-command-authentication-failure-753154/)

ler0nldb2 09-06-2009 06:03 PM

su (command) Authentication Failure
 
ler0nldb2>su
Password:
su: Authentication failure

ler0nldb2>sudo -i
[sudo] password for ler0nldb2:
root@ler0nldb2:~#

In both cases, I used the same password.
When I first turn on my new pc, I don't recall supplying a passord to user root.

How can I issue command <su> and use the same password as my user id, ler0nldb2? I am the only user on this netbook and just want to use the same password when I login as root or as a user.

Thank you.

David the H. 09-06-2009 06:19 PM

First of all, you should give us your distro and other pertinent information. It helps us to know where you're coming from. Since you're complaining about sudo and root passwords, I'm guessing *buntu.


su and sudo are not the same thing. su is "switch user", and the password is the one for the user you're switching to, root by default. sudo is "super-user do", and you input your user's password, because root has given you the permission to run certain commands with administrative permissions.

AFAIK, the only way to make both passwords the same is to give both your user and root the same password. And that's not generally a good idea. You can configure sudo to run commands without a password, if you want, but again, that's not the most secure way to go about general maintenance. It makes it too easy to run commands a root by mistake and trash your system.

I'd suggest you simply keep things basically as they are. Give root a different, but memorable password, then simply call up a superuser console when you need it with su (or sudo, a little research should tell you how to call up a root console under sudo). You can keep that console open as long as necessary for what you need to do, and close it when you're done. It's not that big of a headache, really.

ler0nldb2 09-06-2009 06:33 PM

Quote:

Originally Posted by David the H. (Post 3672268)
First of all, you should give us your distro and other pertinent information. It helps us to know where you're coming from. Since you're complaining about sudo and root passwords, I'm guessing *buntu.


su and sudo are not the same thing. su is "switch user", and the password is the one for the user you're switching to, root by default. sudo is "super-user do", and you input your user's password, because root has given you the permission to run certain commands with administrative permissions.

AFAIK, the only way to make both passwords the same is to give both your user and root the same password. And that's not generally a good idea. You can configure sudo to run commands without a password, if you want, but again, that's not the most secure way to go about general maintenance. It makes it too easy to run commands a root by mistake and trash your system.

I'd suggest you simply keep things basically as they are. Give root a different, but memorable password, then simply call up a superuser console when you need it with su (or sudo, a little research should tell you how to call up a root console under sudo). You can keep that console open as long as necessary for what you need to do, and close it when you're done. It's not that big of a headache, really.

My pc came with Ubuntu 8.4.2 installed.
My problem is I don't know the password for root. As of now I cannot log in as root at boot time or issue command su.

I must have done something (accidentally?) when I first configured my system... Now the system insists that root has a different password that I don't know. I am the only user of this pc.

I agree to keep things as they are. But first, I need to know the password for user <root>

chrism01 09-06-2009 07:34 PM

I've heard that Ubuntu disables the root user ie no usable passwd by default, and the first non-root user created automatically has full sudo rights, as you've noticed.
(This is non-std in the *nix world).
Given that, you don't really need to enable root as such, you can do everything from that acct.
This is a common qn, so a search here at LQ (or google) should provide the answer if you really want to enable root.
As mentioned above, using different passwords is a good idea.

Oldlaptop321 09-06-2009 07:44 PM

Resetting
 
You can reset the root password in Ubuntu quite easily. At the boot menu, first press 'e', then type a comma, space, and the word single (, single) at the end of all the kernel= gibberish. It should give you a root shell without having to enter the password, at which point you can change the root password with the passwd command, then reboot to reboot.

ler0nldb2 09-06-2009 08:03 PM

Quote:

Originally Posted by chrism01 (Post 3672340)
I've heard that Ubuntu disables the root user ie no usable passwd by default, and the first non-root user created automatically has full sudo rights, as you've noticed.
(This is non-std in the *nix world).
Given that, you don't really need to enable root as such, you can do everything from that acct.
This is a common qn, so a search here at LQ (or google) should provide the answer if you really want to enable root.
As mentioned above, using different passwords is a good idea.

Thanks for the advice. I'll use sudo for all my administrative needs. The reason I panicked about the su command is I read and tried a code example given somewhere in a forum and felt like I must have bypassed the setting of the password for root and therefore, incorrectly configured my system.

David the H. 09-07-2009 02:33 AM

There are two things to consider when it comes to administrative security; protecting the system from unauthorized external access, and protecting it from your own careless mistakes.

Some people see su'ing into a root terminal as less-than-secure, because it's very easy to forget you're root and do something stupid to mess up your system, and/or to leave the root login open unnecessarily and leave your system vulnerable to anyone who walks by. The guys at Ubuntu decided that a good way to prevent this was to disable root access entirely, and simply require sudo for all administrative needs. They reason that if you never have a root window open then you're less likely to leave your system vulnerable, and if you always need to prefix administrative commands with "sudo" then you're less likely to mess things up accidentally.

But others disagree with that policy. Arguments against it include a) people will simply become used to sudo as a surrogate super-user and pay little attention to real security (it's too easy to just "sudo" this and "sudo" that), b) anyone who can gain access to the administrative user will immediately have full access to the whole system, and c) it goes against the original purpose of sudo, which was to provide selected users with limited access to a subset of commands only.

I guess in the end it's up to you to decide which is better. Personally, I rarely use either sudo or su directly, that is, I don't call on them from within a regular shell. Instead I open up a new console window especially for root access, one that's configured with a very different prompt and color scheme so I always know when I'm root and when I'm not. I physically and psychologically separate my administrative needs from my regular user activity. Of course I'm also the only person with regular access to these machines, so I rarely have to worry that much about external security; I only have to watch out for my own screw-ups :D.

chrism01 09-07-2009 08:38 PM

The other advantage of having su available is, for remote logins, you'd need 2 passwds, the normal user, then the root user.
With sudo, you'd only need the user passwd, twice.
Obviously this only applies if root is disabled in ssh.
In the end it's your choice.

ler0nldb2 09-08-2009 11:24 AM

Quote:

Originally Posted by chrism01 (Post 3673693)
The other advantage of having su available is, for remote logins, you'd need 2 passwds, the normal user, then the root user.
With sudo, you'd only need the user passwd, twice.
Obviously this only applies if root is disabled in ssh.
In the end it's your choice.

sudo su

Thanks.


All times are GMT -5. The time now is 05:44 AM.