-   Linux - Software (
-   -   Auto login on first console? (

jon_k 11-15-2006 04:20 AM

Auto login on first console?
I'm running a couple of servers here and it is often a pain to log in via root via console every time I need access.

Is there a way you can configure the console to autologin as root on every startup, that way quickly troubleshooting a problem can be done without having to log in?

It also helps cause some of our customers change their root passwords and having to get an update on the password can cause trouble.

Thanks. I've googled quite a bit but can't dig up anything useful.

b0uncer 11-15-2006 04:28 AM


Is there a way you can configure the console to autologin as root on every startup, that way quickly troubleshooting a problem can be done without having to log in?
I would hope there wasn't, but it seems in Linux you can do pretty much whatever you like. Anyway, you don't don't don't want to autologin as root, it's probably the most idiotic thing to do (right after kicking your boss in the face); that way anybody could get root access and do nasty stuff. Root should only log in in case of an emergency, even the regular administrative tasks should be done by logging in as some non-root user and then using sudo or su to handle the root stuff, and stop using it when not necessary.

Would you really want to have your server to automatically log in as root, giving full permissions to the first dude who gets to the place? No, I doubt you do. And if you think about your customers, nor do they.

jon_k 11-15-2006 08:08 AM

I still insist on how to do it though.

If somebody has physical access to your server, a password is a small roadblock of a few minutes if somebody is dedicated to getting in.

This is a secure facility (and I mean very secure, with badge access and everything, only a few people are allowed in this room) if anyone were to get in here with physical access it would mean a bigger problem then a single machine being compromised.

I wouldn't do this to a public kiosk, but in this type of facility it seems logical.

I'm quoting one of the 10 Immutable Laws of Security here (Published by Microsoft, unfortunately, but good/funny anyways)

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore

* He could mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer.
* He could unplug the computer, haul it out of your building, and hold it for ransom.
* He could boot the computer from a floppy disk, and reformat your hard drive. But wait, you say, I've configured the BIOS on my computer to prompt for a password when I turn the power on. No problem – if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways).
* He could remove the hard drive from your computer, install it into his computer, and read it.
* He could make a duplicate of your hard drive and take it back his lair. Once there, he'd have all the time in the world to conduct brute-force attacks, such as trying every possible logon password. Programs are available to automate this and, given enough time, it's almost certain that he would succeed. Once that happens, Laws #1 and #2 above apply.
* He could replace your keyboard with one that contains a radio transmitter. He could then monitor everything you type, including your password.

johnson_steve 11-15-2006 01:42 PM

wow! well you can't stop someone from shooting themselves in the foot so here you go:

edit this file: /etc/inittab

and change this:
c1:12345:respawn:/sbin/agetty 38400 tty2 linux

to this:

I only know this becase mine looks like this:
c1:12345:respawn:su - steve startxfce4

so I can have autologin to xfce without a display manager.

I would never do what you want to do.

All times are GMT -5. The time now is 06:20 PM.