Wiped the entire HDD out. Had a new clean install of the OS.

I open a Terminal. I type "su" and it asks me a password. I type my account password, returns "Authentication Failure"! I tried the only other password also, the one I created while installing the OS, the one used for encrypting the hard drive, but the result is the same.

How do I access SuperUser privileges? What's the superuser password?

You will need to tell us which distro (and version) you are using. Not all Linux distros work in the same way.

Welcome to LQ by the way. :-)

Maybe: sudo su

Welcome! Remember to *spend some time* web-researching first! Welcome!

There are basically two ways that Linux can handle supervisor rights

1) Most distros ask you during the installation to provide a "root password". You will use this subsequently to gain root (supervisor) access. Then, at a later stage, they ask you for a name and password for your user account.

2) The Ubuntu family do not ask for a root password because they do not use one. Instead, you are asked to provide a user name and password, and this named user is then given root access through the use of the sudo command and his/her own password.

You installed this system, so you should be able to remember which of these two sequences you went through.

'Sudo -i' would be better, 'sudo su' can cause confusion as many environmental variables are from the original user and not the intended one from the root user. Alternatively 'sudo su -' is functionaly equivalent to 'sudo -i'

1 members found this post helpful.

I'm using Trisquel, which is Ubuntu based.

I've finally got it to work, but I still don't understand why initially when I was typing "su" (and obviously it's still the same) it was asking me a password and when I was entering the only (two) passwords in existence, it was telling me "Authentication Failure"? I mean, I'm doing the same thing now, except with "sudo" and it is giving me the root access!

In Ubuntu and its derivatives, there is a root password, but nobody knows what it is. It isn't set by the user who installs the system (as it is in most distros) but is built in by the developers. So if you use su, which requires the root password, you won't find a password that fits. Sudo works quite differently. It just checks in the /etc/sudoers file that you have the right to invoke it, and also that you really are the user named in that file (you know the password).

You say you have two passwords. I don't know what the second one is, but it won't be the root password if Trisquel works like Ubuntu.

I'm guessing the first line in /etc/shadow has: root:*:... [does yours?]
So, root can't 'login' (which is what su [vs. sudo] does).

You can do as #5here, but not su [root]

On Debian-based distros (Ubuntu/Mint), that's 'the way'
(tho some people don't like that [ONLY sudo] 'design')

I gave my trisquel a root password, so I can [then] login as root
(since not visible to the internet, and it's just a 'play' VBox)

Here's some links (one to a 171page pdf!)

p.s. I can [then] login as root -only- on a local console/terminal
( -not- ssh/putty/telnet, but that's another [pam] theory-story!
su [then] 'works', from anywhere, with the root passwd -I- gave it )

It isn't the way in Debian itself, which has a completely traditional setup: root password and no active sudoers by default. I think Ubuntu introduced that sudo-only thing, but they probably borrowed it from Knoppix, another Debian distro. I remember using a Knoppix live disc that worked like that before Ubuntu was fully released.

Isn't this like a security risk? I mean what you say is that there are bunch of guys out there with superuser passwords for practically everybody's computer who uses Ubuntu or its derivatives. And who uses which OS shouldn't be hard to find out for people who browse the internet with 'User Agents' and what not. No...???

Any comments??

I'm not convinced there is a root password -- I think the account is just disabled. However, if there is a "password" set I would expect that the password field in the shadow file would be populated with some random number set at install time. I'm fairly certain there is no single root password that is set on all these systems -- it's just not the way things are done.

When you look at the shadow file, you can see a string where the password hash would be. I never thought to find out where it comes from.

Just for info, it appears that you can make the choice during the installation of Debian whether to have the traditional root login or whether to disable the root account (by leaving the root password blank):

https://debian-handbook.info/browse/...ion-steps.html (section 4.2.9)

I'm sure that's new. Sudo-only is like systemd: it spreads by infection.

:-D Coming to a distro near you, soon.