LinuxQuestions.org


hackersarchangel 11-25-2012 06:16 PM

Create a hidden user on a desktop for admin purposes, need to find a free UID number
 
I am wanting to create a hidden user on a client based station as an alternative to root.

Basically I want to make my own "Joshua" like in Wargames, except that I'll set it up so it's almost like root, but not completely. The primary reason behind it is that I want to be able to run all the custom scripts and backup any potentially critical data using an alternate account so I can give root a really strong password and not be concerned that the end user will be able to break into root, but still leave root accessible for the Administration to access if really necessary.

I know it sounds like a lot of extra work, and a possible security loophole, but I think if we hide the account and make it so I can only sign into it from a terminal, that will increase the security of said account.

So far what I have come up with is to set the UID to a number less than 1000. Problem is, I'm not able to determine what numbers are available, and I don't want to keep guessing till I find one. Is there an easy way to determine that? I don't want to hijack a UID of a running process just in case I have to back out of this idea at a later date and risk damaging part of the system.

If anyone wants to help take on this task, that would be very much appreciated :)

TobiSGD 11-25-2012 06:56 PM

Security by obscurity never works. Besides that, when you set up the root account with a strong password to prevent the end-user from breaking into that account there is no need for a separate admin user at all.

hackersarchangel 11-25-2012 07:36 PM

Ok...
 
Let's assume that I make the password for root super difficult to remember and I want to have a backdoor just in case I forget the root password and need to have an account that lets me backup all of the files on it without giving a known user account access to that.

This is a possible scenario where I can foresee this being useful for me.

Habitual 11-26-2012 09:53 AM

Quote:

Originally Posted by hackersarchangel (Post 4836870)
...Problem is, I'm not able to determine what numbers are available, and I don't want to keep guessing till I find one. ...

Dude, if you can't "figure out" used or available UIDs then how will you ever keep out the guy who can?

There are SO many things wrong with this request.

Good luck.

John VV 11-26-2012 05:26 PM

you already have a "root" account

use a LONG 12 to 16 character password
something like a two or three word phrase

Quote:

Let's assume that I make the password for root super difficult to remember

BAD for YOU
but VERY VERY VERY EASY for a computer to crack in less than 30 Min.
99% of people use one of the top 10,000 passwords

"2jir976&0Z<?08yFod4VoN*#kY(@!0A~ot@#SroE" is near impossible for you to remember but is easy to crack ( or you write it down on paper )

BUT
"LifeIsA-BowlOfCherries,ThenWhyAmI-InThePits"
is near impossible to crack but is VERY easy for a human to remember
( thank you Erma Bombeck )
or
"OneRingy-dingyTwoRingy-dingyThreeRingy-dingy"
( think "laugh-in" regular , kudos to who remembers the "telephone operator" in the skit )

Habitual 11-26-2012 05:34 PM

Quote:

Originally Posted by John VV (Post 4837539)
...kudos to who remembers the "telephone operator" in the skit )

Lily Tomlin.

#OldGuysRule

John VV 11-26-2012 05:56 PM

yes back in the day when a REAL person had to MANUALLY connect you to the other person
using a switch board with jumper cables

hackersarchangel 11-28-2012 12:08 AM

I was merely attempting to speculate on the matter as I cannot find a lot of useful information in regards to the subject.

Furthermore, if a system is properly set-up, I can keep out the people that would attempt to hack the system as there are many ways to limit a user's access.

Also, a random password such as the one described above is actually quite difficult to crack as the responses to each query of the password are a simple Pass/Fail, therefore it would take a system a good long while to figure out that random Alpha-Numeric combination. Insert some symbols and you have a ridiculously complex password. Also one needs to consider that unless the user has physical access and the capabilities of running a script that could obtain access to the passwords file on a machine fast enough to compute the password hashing quickly enough via a Rainbow table or some other means, the odds of them successfully cracking a password are limited to the connection into the machine, and fail-safes can be put into place to rectify that. So no, this idea is not that outlandish, it is a less secure plan I agree, but I was merely wanting to see if anyone wanted to try to take on the challenge of something that is outside the box in thinking.


I think that to figure out this "hidden" user, one would need access to the machine in some fashion, and proper access with an account that could tell that user everything they wanted to know in the first place, thus negating this whole idea from the get go. If someone made every account but the hidden one severely restricted, this would limit most methods of cracking this idea.

Example: change all users' path to only include a specific folder that has access to the essential software for that user. Restrict access to the system folders on a per group basis, meaning if you're not in say admin, you can't access /boot, /etc, /dev, /usr/bin, etc. and I think that methods of that caliber would limit the hackability of this idea.

Besides, this is all in good fun, and a constructive thinking idea I had that I wanted to test my knowledge on.

TobiSGD 11-28-2012 06:57 AM

Quote:

Originally Posted by hackersarchangel (Post 4838508)
Also one needs to consider that unless the user has physical access and the capabilities of running a script that could obtain access to the passwords file on a machine fast enough to compute the password hashing quickly enough via a Rainbow table or some other means, the odds of them successfully cracking a password are limited to the connection into the machine, and fail-safes can be put into place to rectify that.

Don't allow remote root access (I thought until today every admin would know this basic security principle) and use key based authentication instead of passwords, so neither the user's nor the admin's password can be cracked with brute-force methods from a remote location.

Quote:

I think that to figure out this "hidden" user, one would need access to the machine in some fashion, and proper access with an account that could tell that user everything they wanted to know in the first place, thus negating this whole idea from the get go.

No need for a hidden user if you don't allow remote password authentication.

Quote:

Example: change all users' path to only include a specific folder that has access to the essential software for that user. Restrict access to the system folders on a per group basis, meaning if you're not in say admin, you can't access /boot, /etc, /dev, /usr/bin, etc. and I think that methods of that caliber would limit the hackability of this idea.

This is nothing new, just use chroots.

hackersarchangel 11-28-2012 08:26 PM

That's what I was saying, the "hacker" in question would need physical access to crack anything. Why on earth would anyone do remote logins unless it was over SSH and would only accept a known key that was preauthorized?

jschiwal 11-30-2012 07:17 AM

Quote:

Originally Posted by John VV (Post 4837548)
yes back in the day when a REAL person had to MANUALLY connect you to the other person
using a switch board with jumper cables

I was one of those operators in college.

Habitual 11-30-2012 10:17 AM

Quote:

...The primary reason behind it is that I want to be able to run all the custom scripts and backup any potentially critical data using an alternate account so I can give root a really strong password and not be concerned that the end user will be able to break into root, but still leave root accessible for the Administration to access if really necessary.

Quote:

the "hacker" in question would need physical access to crack anything.

Security 101:
There is No Security without physical security.

sudo was made for this.
UIDs < 1000 I "think" are hidden from graphical display managers.

Any other wheels to re-invent? :)

Edit0:

re: Security 101:
There is No Security without physical security.
Lock down the BIOS and protect CMOS with passwords,
restrict the boot order, Power-On Password, Encrypted LVMs...
That is a hardy start.
Combined with a strong root password and a sudo account.
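
An added example, not part of any post in this thread: a shell sketch of the two checks the discussion touches on, finding an unused UID below 1000 and, from the auditing side, listing low-UID accounts that can still log in. The passwd lines, account names and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE_PASSWD is constructed data, not from a real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
joshua:x:998:998::/var/lib/joshua:/bin/bash
toor:x:0:0::/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash'

# Print "name uid shell reason" for accounts an administrator should review:
#   - any account other than "root" that has UID 0
#   - any account with 0 < UID < limit whose shell is an interactive shell
# $1 = passwd-format text, $2 = first regular-user UID (default 1000)
audit_low_uid_logins() {
    printf '%s\n' "$1" | awk -F: -v limit="${2:-1000}" '
        NF < 7 || $3 !~ /^[0-9]+$/ { next }    # skip malformed lines
        $3 == 0 && $1 != "root" { print $1, $3, $7, "DUPLICATE-UID0"; next }
        $3 > 0 && $3 < limit && $7 ~ /\/(ba|da|z|k|c|tc|fi)?sh$/ {
            print $1, $3, $7, "SYSTEM-UID-WITH-SHELL"
        }'
}

# Print the lowest unused UID in [min, max]; print nothing if the range is full.
# $1 = passwd-format text, $2 = min, $3 = max
first_free_uid() {
    printf '%s\n' "$1" | awk -F: -v min="$2" -v max="$3" '
        $3 ~ /^[0-9]+$/ { used[$3 + 0] = 1 }
        END {
            for (u = min + 0; u <= max + 0; u++)
                if (!(u in used)) { print u; exit }
        }'
}

audit_low_uid_logins "$SAMPLE_PASSWD"
first_free_uid "$SAMPLE_PASSWD" 1 999
```

On a live system the first argument can be `"$(getent passwd)"`, which also includes accounts from directory services that `/etc/passwd` alone would miss.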


All times are GMT -5.