Hi, I'm new to Linux and currently running Ubuntu 20.04 LTS on a VPS. I'd like to ask some questions regarding the correct way to do user management -
1) Is it good practice (for security reasons) to first create a (regular) user with sudo rights and disable root login when the system is first set up?
2) Will that cause any issues later on, like in Windows where some programs will not run unless they are run as Administrator?
3) Will changing the name of the root account (root) be safer, to prevent brute-forcing the password with 'root'? But I heard that is not a good idea as it will break something in the system.
My opinions: Unless you absolutely need it do not allow root login. There are only a couple of esoteric times you need it. If you run into one of those do what you have to do and then immediately disable it. Yes, immediately after installation give your primary user sudo privileges. Make sure that user has a strong password. 99.999% of programs that need administrator privileges will run with sudo and should be run with sudo and not with root. If root doesn't have a password it can't be brute forced, right?
Quote:
1) Is it good practice (for security reasons) to first create a (regular) user with sudo rights and disable root login when the system is first set up?
2) Will that cause any issues later on, like in Windows where some programs will not run unless they are run as Administrator?
3) Will changing the name of the root account (root) be safer, to prevent brute-forcing the password with 'root'? But I heard that is not a good idea as it will break something in the system...
Hi and welcome.
1) Maybe. You'll get different opinions from different users. It is the "standard" way for Ubuntu, so maybe sticking with this until you get more experienced is a good idea.
2) No it won't, that's what sudo is for.
3) You'll need to choose a secure password. For your sudo user as well - sudo gives them the ability to harm your system. When I'm concerned about brute force attempts at passwords, I use a long passphrase (with spelling mistakes, alternate words in different languages etc).
Hi guys, thanks for the suggestions. I think I will go ahead and create a new user and disable root. Besides being more secure, I could learn something new.
But before I jump into it, I would like to confirm these 2 points -
1) The VPS is already set up with VPN, nginx and a Let's Encrypt cert. Doing this now won't break anything, right?
2) Forgot to mention - I will be using SSH key authentication to log in using PuTTY - will set it up after all is set and done. So all OK with disabling root? I'm scared that I might get locked out if I do something wrong.
P.S. - According to this webpage, we have to create '.ssl' for each user or else they would not be able to log in (if password login is disabled). Can anyone confirm that? - https://unix.stackexchange.com/quest...ed-with-a-user
Quote:
1) Is it good practice (for security reasons) to first create a (regular) user with sudo rights and disable root login when the system is first set up?
YES!
Quote:
2) Will that cause any issues later on, like in Windows where some programs will not run unless they are run as Administrator?
No. Most Linux systems expect it to be that way anyhow.
Quote:
3) Will changing the name of the root account (root) be safer, to prevent brute-forcing the password with 'root'? But I heard that is not a good idea as it will break something in the system.
Changing the name of root? NO!!!
Don't do that. Instead disable remote root login completely (ssh).
Hi guys, reporting back - I have set up another VPS for this test as I don't want to risk doing something wrong on the running server. I have successfully done all the things listed above - create user, add sudo, disable root, add SSH keys. Thank you.
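A pre-flight check for the lockout concern raised in this thread, as an added example that is not part of any post: it reads the effective PermitRootLogin and PasswordAuthentication values from an sshd_config file and confirms the new user has a key and sudo before root login is disabled. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample files are constructed.

# Effective global value of an sshd keyword: names are case-insensitive and
# the first occurrence wins. Include files are not followed; saved `sshd -T`
# output can be passed instead of the config file to cover them.
sshd_effective() {  # usage: sshd_effective FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }   # global section only
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }' "$1"
}

# Number of public-key lines in an authorized_keys file (0 if unreadable).
key_count() {  # usage: key_count AUTHORIZED_KEYS_FILE
    [ -r "$1" ] || { echo 0; return 0; }
    grep -v '^[[:space:]]*#' "$1" |
        grep -Ec '(^|[[:space:]])(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp[0-9]+)[[:space:]]+AAAA' || true
}

# Verdict on disabling root and password logins. The third argument is
# "yes" when the user is in the sudo group (on a live host: id -nG USER).
lockout_check() {  # usage: lockout_check SSHD_CONFIG AUTHORIZED_KEYS yes|no
    root=$(sshd_effective "$1" PermitRootLogin prohibit-password)
    pass=$(sshd_effective "$1" PasswordAuthentication yes)
    keys=$(key_count "$2")
    if [ "$3" != yes ]; then
        echo "BLOCK: user lacks sudo, so no admin access would remain"
    elif [ "$keys" -eq 0 ] && [ "$pass" = no ]; then
        echo "BLOCK: no key installed and password login is off"
    elif [ "$keys" -eq 0 ]; then
        echo "WARN: install a key before setting PasswordAuthentication no"
    elif [ "$root" != no ]; then
        echo "TODO: set PermitRootLogin no (currently $root)"
    else
        echo "OK: root=$root password=$pass keys=$keys"
    fi
}

# Constructed sample input: root login still on, one key installed.
d=$(mktemp -d)
printf '%s\n' '# sample' 'PermitRootLogin yes' 'PasswordAuthentication no' > "$d/sshd_config"
printf '%s\n' 'ssh-ed25519 AAAAconstructedSampleKey user@example' > "$d/authorized_keys"
lockout_check "$d/sshd_config" "$d/authorized_keys" yes
rm -rf "$d"
```

On a live server, `sudo sshd -t` syntax-checks the edited config before the service is reloaded. Keeping the current session open while testing the new user's key login in a second session leaves a way back in if the check missed something.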