Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Not that I know of. Root's password is whatever you set it as. The icon displayed in your profile is Ubuntu. On that system logging into the root account is disabled, so this should be not be an issue. What is an issue is that Ubuntu uses sudo with unlimited root privilege, so if someone is going to hack into your system, they would use sudo to gain root privilege. If you are worried, set a good password.
i've read somewhere that there's a security risk because every linux machine has a user called "root" - that would eliminate one step for someone who wants to hack into your system. they don't have to guess the user name.
but then, that's true for other operating systems as well, if they use "admin" or sth like that.
yes, a good password is very important.
some gnu/linux systems disallow usage of root account, maybe that's a good thing then.
I think to understand better the security policy in Linux it's interesting to know how to configure the sudoers file.
There you can configure the root privileges and especify what kind of commands do you want root will be enabled to execute. But personally I think this part is more important in a network environtment.
As Randicus Draco Albus said: Ubuntu have an unlimited root privileges set as default... and is good to configure the sudoers file.
If you want how to do that you can check this link
i've read somewhere that there's a security risk because every linux machine has a user called "root" - that would eliminate one step for someone who wants to hack into your system. they don't have to guess the user name.
The first thing anybody should do with a new Linux system is disable root ssh access, which makes it a non-issue.
Besides, if you look at the ssh logs for any publicly-accessible server, there are basically zero script kiddies trying to break in with the user name "root". 99.9% of the time they use "admin", "oracle", etc.
Last edited by suicidaleggroll; 09-14-2014 at 11:12 AM.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by suicidaleggroll
The first thing anybody should do with a new Linux system is disable root ssh access, which makes it a non-issue.
Besides, if you look at the ssh logs for any publicly-accessible server, there are basically zero script kiddies trying to break in with the user name "root". 99.9% of the time they use "admin", "oracle", etc.
I wouldn't bet on that -- one of my VMs compromised by a script kiddy who ran a dictionary attack against the root account...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
