Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello there guys. I've got the following message when trying su -:
Password:
su: Authentication failure
Sorry.
This is very very strange. Last time i had the computer on, i was configuring my wireless connection with wpa2, and i had no problem using sudo or using su -. Now, i boot up my computer, and i can't do this; i tried doing sudo apt-get update, and it did it fine. What happens is it just thinks for a while and then displays the last 2 lines before bringing me back to a prompt.
I haven't changed my password or nothing, it just stopped working. I have a kubuntu 7.04 system.
If this is so, then i don't ever need to use 'su -', to become root, since i just add sudo to whatever command that needs root privileges. This in fact is very cool then, cause i think i read somewhere that it's not secure to perform things being root. So yeah, sounds good. Either way, i'll change the sudo root password to check, and also because it's been a while since i changed it, so it's about time now.
BTW, sudo su did change me to root, so that worked.
Thanks guys, if something gets messed up, i'll be sure to post it up here.
If this is so, then i don't ever need to use 'su -', to become root, since i just add sudo to whatever command that needs root privileges. This in fact is very cool then, cause i think i read somewhere that it's not secure to perform things being root. So yeah, sounds good.
Yeah, no reason at all to use "su -". Like I said, "su -" shouldn't even work at all. If for some reason you want to become root for more than a few commands then use somehting like "sudo -i" or "sudo -s". Check "man sudo" for info about those.
Quote:
Either way, i'll change the sudo root password to check, and also because it's been a while since i changed it, so it's about time now.
There is no sudo root password. There is only the password of your non-root user account with sudo privilages (by default it's the user you created during the install). More specifically, it's any user with membership to the "admin" group. I know this is likely what you meant but I'm stating it here just to make sure.
When you use sudo you are still operating w/ root privilege, so be careful -- it's just as dangerous.
sudo su & sudo su - will also work.
It is arguable (I wouldn't call it debatable because of the heat involved) whether allowing root privilege based on a regular user password is more or less secure than having a separate root password.
(Homework Assignment: Guess which side I'm on. )
I think that a "sudo vs. su" discussion would be okay in this thread (it is not off-topic). So if anyone has any fact-based info/opinions/links about the issue, please do post them. Heat only manifests itself when we limit ourselves to "this is the way I prefer" without providing any factual basis which can help others make their own decision. Nothing wrong with an opinion, of course - it's just that we are all much better-off if we try to go a little further into technical aspects.
Thanks for clearing that out for me, cause i didn't mean that at all. I thought that sudo took you to a root state for the command being executed at the moment, but now it all seems just right\. I agree that the change is kinda strange, and it is indeed a curve ball. Either way, on Ubuntu and Kubuntu works just fine to use sudo, basically don't need to ever become root. In fact, when using Slackware, just recently, i found out that you can use sudo -c and you are not required to become root anymore, which i kinda like that better, just in case you forget to exit the root mode.
I hope i didn't create any kind of problem by posting all these inquiries, i just had the doubt and a lot of things started brain-storming into my head. I guess that's why i use linux. Frees up your mind.
Well, historically we had
su
to switch user,
su -
to switch user AND gain their env settings.
By default it switches to root if you don't specify a different user.
suod was invented to allow non-root users to do the odd elevated priveleges cmd to save wear & tear on the sysadmin.
The original idea was you would always specify exactly which cmds could be used via sudo ie
sudo su -
would not normally be allowed.
However, architecturally it works just as well.
Personally I would go with sudo for specific cmds only.
You might just as well give a user the root passwd and use
su -
if you give them the ability to do the same via sudo.
However, iirc, sudo does have a logging option, which is an advantage over su.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
)
