How does on login as the root ? And what password do I use for it ?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Thanks so much for all your replies and wanting to help me.
Let's suppose my sudo password is John
Would that be the root password also if I had used that when I created it upon installation of Ubuntu ?
We'll John is my password when I login to my computer once I boot it from start and enter in my username.
Would the su password be the same as the sudo password ? 'Cause it's not.
Then, what would it be ?
It doesn't really matter what the root password is, however I think ubuntu creates a root user without a usable password so the command "sudo passwd root" with the sudo account will allow you to change that password (remember that sudo asks for the user's password, not root's that would be su), however there are so many alternative ways to by pass it elsewise... for example "sudo /bin/bash" in terminal will create a bash session as root or on boot, edit the grub boot configuration, go to the kernel line and append "init=/bin/bash" will give you a single uesr mode like status where you can effectively change everything anyway... I know this, had to fix Ubuntu servers in the past... my experience says don't use Ubuntu for a server, heh.
Last edited by r3sistance; 10-12-2009 at 04:26 PM.
Its a good habit to get into using 'SUDO'. When I first started using linux I always wanted to use root. Then distros stopped allowing it by default.. Many questions are asked in these forums regarding root! Get used to SUDO its much safer and there isn't a thing you can't do without it.
Basically, all *nix (except Ubuntu ...sigh...) ask you to provide a root passwd at installation. This is (also) the passwd to use for the 'su -' cmd.
Ubuntu decided to be different and basically disable the root acct. Instead they automatically give the first created non-root acct full access by creating an
su -
entry in sudoers file, so that
sudo su -
gives you full root access. Note that the sudo cmd takes the current user's passwd, not root's.
The root acct is still there, as *nix won't run without it.
In the traditional approach, a non-root user would have to know both his own acct passwd to login and root passwd to become root via 'su -'.
Under Ubuntu, he only needs to know his own.....
Note also that sudo wasn't originally designed to give any sudo user full root access. It was designed so that root could give access to specific cmds (on specific boxes) to specific users ie junior admins.
I'm not looking for a fight here, but it's probably a bad idea to capitalize the names of Linux commands in responses, unless the actual Linux command contains caps. "sudo" is not "SUDO", in fact, "SUDO" it not a command at all. It's probably obvious to anyone who's used Linux for years, but not so obvious to the newbie.
...Then distros stopped allowing it[root] by default..
Only Ubuntu, as far as I am aware.
Quote:
... Get used to SUDO its much safer and there isn't a thing you can't do without it.
Besides, you're less likely to screw things up!
How, exactly, is a fully root-enabled user account going to prevent mistakes? "su -c <command>, <password>", "sudo <command>, <password>", "su, <password>, <command>"...if you don't know what you're doing, you might make a critical error(for that matter, you might mess up even if you know what you're doing)..."sudo" won't protect you from a lack of knowledge. Its intent is to give a user *limited* root access=>
Quote:
Originally Posted by chrism01
Note also that sudo wasn't originally designed to give any sudo user full root access. It was designed so that root could give access to specific cmds (on specific boxes) to specific users ie junior admins.
And is, in fact *less* secure
Quote:
Originally Posted by chrism01
...Note that the sudo cmd takes the current user's passwd, not root's.
than requiring the actual root password... if you can't/aren't authorised to login as root, you shouldn't get to be root via a misused command + a non-root-user's password.
How, exactly, is a fully root-enabled user account going to prevent mistakes?
You're reminded that you do something that's critical any time you try. If you're root, you're just free to go. OTOH, as you describe, using su is a healthy way. I use both Debian and Ubuntu, and Debian's dialogue to require root privileges isn't much different from Ubuntu's dialogue asking for your password.
I don't think root access is a bad thing, but it's pretty hard to root a Ubuntu box without knowing the username of the main user... There's no root you could brute-force.
Quote:
And is, in fact *less* secure
Only if the password of the main user is discovered - remember, you're not root if you have to use sudo. The only thing one could discuss is the setting to store the password for the running session... Bottomline: Never leave your terminal unattended, log out if absent or use screen lock.
Quote:
than requiring the actual root password... if you can't/aren't authorised to login as root, you shouldn't get to be root via a misused command + a non-root-user's password.
Why? What if the root password is discovered? I think it's *all* in the password - handling systems of either design is too similar to offer a real distinction. Use secure passwords, don't write them down, ever. Know your system's potential weaknesses and don't forget to prevent misuse by securing your system while you're not working at it.
You're reminded that you do something that's critical any time you try. If you're root, you're just free to go. OTOH, as you describe, using su is a healthy way. I use both Debian and Ubuntu, and Debian's dialogue to require root privileges isn't much different from Ubuntu's dialogue asking for your password.
I don't think root access is a bad thing, but it's pretty hard to root a Ubuntu box without knowing the username of the main user... There's no root you could brute-force.
If we are on about an attack over the internet and we are talking about a server, you'd be surprised how unsecure alot of servers actually are. More so how unsecure the administrators of alot of servers are, I work in a datacenter so I get to see ALOT of compromised boxes, I think the only OS I have ever dealt with that I am yet to see compromised is Mac OS but I think that's more due to usage (or there lack of) then anything else.
All disabling root does, it blocks the basic bots/scripts from brute forcing/dictionary attacking (against root), but if you got even half a decent set-up anyway they won't do anything (strong password, password attempt limits). It's the pros, the real crackers you gotta worry about and if you think disabling root really sets them back, then I would say it's a false belief. Anyways as far as it goes, most people when asked to make an account name for a server will end out choosing something simple like admin anyways (and yes, the brute forces try account names like admin and administrator as well)... so protection against brute-force isn't there when you consider user-apathy to security... unfortantly that same apathy does allow the basic bots/scripts to actually strike against root accounts of some servers with stupidly easy passwords. Tho I have to say alot more usernames and passwords in my opinion get figured out from FTP...
But if we are on about a normal set-up, without a protected /var then your potentially open to thinks like root kits anyways, protecting /var with nosuid, noexec and nodev are extremely important on a server, potentially important on a desktop too, if you have the wrong services running or ports open.
If we get into physical security then Ubuntu has none...
Quote:
Originally Posted by r3sistance
on boot, edit the grub boot configuration, go to the kernel line and append "init=/bin/bash" will give you a single uesr mode like status where you can effectively change everything anyway...
If grub is passworded, reinstal grub... it's all too easy really. Once in the command line just "sudo passwd root" and it's all swinging fine again. or edit the sudoer's file.
Last edited by r3sistance; 10-13-2009 at 08:05 AM.
Still going through a learning curve with this sudo thing
Ok..thank you all for responding. I appreciate this community, and your comments with suggestions and explanations.
Let me tell you this, the only password that I've had to create initially after the Ubuntu 9.04 install is the same one I am asked when using the sudo command when installing or editing a configuration file. I'm always signing in with my name and this password. The system logs me in, I install software embedded in Linux, get asked my sudo password, and a way be go. Sometimes stuff doesn't load up, and that's another story. Nevertheless, I suppose that what I am doing in regards to knowing what the sudo password or su password is the password that I log on with, right ? By the way, I am the administrator for my computer.
It's all explained above. Ubuntu do it the non-std way. The first user you create during install is a non-root user and Ubuntu automatically enables that user in sudo to have complete access, IOW, be an admin equiv to root, via the sudo tool.
For sudo (unless the NOPASSWD option is set), your login passwd IS your sudo passwd; that's how the system knows its you.
For a normal *nix system, the root user is also enabled at install, along with his own separate passwd.
To become full root from a normal user, you type
su -
and give the root(!) passwd. su and sudo are not the same(!).
Not really, Unix was designed to be on a main frame type of system running dumb terminals underneath, it proceeds Microsoft by many years. However an OS designed for a mainframe system was not really suitable for the starting to develop home-systems or single/solo terminals and IBM hired MS to make an OS for the new market (called PC-DOS). However as it went on and the clear success of PC-DOS, MS said they deserved to be paid more for their work. IBM didn't agree and MS went off and made a new DOS (or atleast this is their claim...) called MS-DOS that would work on competitor's hardware(referred to as PC compatible).
Unix didn't really catch on to the home market... MS helped bring along personal computers for the home... they also brought about the whole idea of closed source productions/software (open source essentially predates closed source). In honesty, there is benefits to both closed and open source to say one is better then the other in a generalised statement doesn't take into account that different situtations warrent different solutions.
Anyways, I was just pointing out this isn't really score one for unix, it's just different markets for different OSs, as the more intelligent terminals starting coming out, mainframes with dumb terminals started becoming less popular.
Last edited by r3sistance; 10-16-2009 at 02:27 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.