LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-22-2021, 06:29 AM   #1
G-Wiz
LQ Newbie
 
Registered: Dec 2021
Posts: 6

Rep: Reputation: Disabled
Root Password Confusion


Hi, I tried to change my root password with "passwd root" or something like that I can't quite remember. It kinda worked, but now I have two passwords for root, the original password is correct nine times out of ten, on rare occasions it will require the new password.

I just want one root password, the new one I added. Can someone help? I'm on Arch (Arco).

Thanks
G-Wiz
 
Old 12-22-2021, 08:23 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,692

Rep: Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274
Hi, and welcome here, at LQ

The root can have (and must have) only one password. It is impossible to use two different ones. So would be nice to explain (with more details) what's happening. How did you try, what did you try, what's happened...?
 
Old 12-22-2021, 09:27 AM   #3
fatmac
LQ Guru
 
Registered: Sep 2011
Location: Upper Hale, Surrey/Hants Border, UK
Distribution: Mainly Devuan with some Tiny Core, Fatdog, Haiku, & BSD thrown in.
Posts: 5,443

Rep: Reputation: Disabled
Root has just one password - sudo may have many, (as any user in the group 'wheel' will use their own password).
 
Old 12-22-2021, 10:51 AM   #4
Brains
Senior Member
 
Registered: Apr 2009
Distribution: All OS except Apple
Posts: 1,591

Rep: Reputation: 389Reputation: 389Reputation: 389Reputation: 389
Half the keyboard on an Acer tablet were incorrectly mapped when I would run Ubuntu live on it. Had to use Ubuntu's onscreen keyboard.

If you feel you have to use two different passwords is most likely due to faulty keyboard mapping or something, you are probably using only one password as it is unheard of to have two root passwords.

Perhaps look into trying a corded keyboard/mouse, and make sure no power bars or excess power cords are on the desktop. I recently upgraded my wireless keyboard/mouse combo and was loosing my work, text editor would go wonky while tweaking scripts and I would essentially loose everything since the last backup. The mouse pad I was using was fabric based and there was a power bar on the table, some form of static was screwing everything up in a Virtual Machine, not sure if it was affecting the host. I went and bought a new (nice) corded keyboard and had corded mouse, switch to that, move power stuff off and all is good.

EDIT: This is a laptop with attached HDMI monitor, hence the need for separate keyboard/mouse

Last edited by Brains; 12-22-2021 at 10:54 AM.
 
Old 12-22-2021, 02:36 PM   #5
G-Wiz
LQ Newbie
 
Registered: Dec 2021
Posts: 6

Original Poster
Rep: Reputation: Disabled
Thanks for the information, it would seem I just didn't understand what was happening. I now realise I was confusing my passwords which at first were the same, but after changing the root password, I thought sudo was asking for the root password, not mine, then when actually asked for the root password I had to use the "new" one.

My own stupidity
 
Old 12-22-2021, 04:56 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
However, now that you realize that “root access” can effortlessly be gained by anyone in the wheel-group, you can now very plainly see the importance of limiting that privilege to as few users as possible: ideally, “only one.”

The userids that you use every day should not belong to that group. So, if any “rogue software” runs into a telephone booth, the only thing they can do is to … make a phone call.

P.S. This so-called “principle of least privilege” applies to every operating system. Computers are terrible at saying “yes,” but extremely good at saying “no.”

Last edited by sundialsvcs; 12-22-2021 at 04:59 PM.
 
Old 12-23-2021, 05:09 AM   #7
G-Wiz
LQ Newbie
 
Registered: Dec 2021
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
However, now that you realize that “root access” can effortlessly be gained by anyone in the wheel-group, you can now very plainly see the importance of limiting that privilege to as few users as possible: ideally, “only one.”

The userids that you use every day should not belong to that group. So, if any “rogue software” runs into a telephone booth, the only thing they can do is to … make a phone call.

P.S. This so-called “principle of least privilege” applies to every operating system. Computers are terrible at saying “yes,” but extremely good at saying “no.”
If I remove myself from the wheel group, when I run sudo would it then require the root password instead of mine?
 
Old 12-23-2021, 05:13 AM   #8
shruggy
Senior Member
 
Registered: Mar 2020
Posts: 3,670

Rep: Reputation: Disabled
No. It would just print a nasty message
Quote:
User is not in the sudoers file. This incident will be reported.
and refuse to give you superuser rights.

su - would require the root password.

Last edited by shruggy; 12-23-2021 at 05:16 AM.
 
Old 12-23-2021, 05:29 AM   #9
G-Wiz
LQ Newbie
 
Registered: Dec 2021
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by shruggy View Post
No. It would just print a nasty message

and refuse to give you superuser rights.

su - would require the root password.
OK, just to make sure I have this, your saying it's much more secure to remove myself from the wheel group, this will no longer allow me to use sudo with my password, but I can use su instead with the root password?
 
Old 12-23-2021, 05:37 AM   #10
shruggy
Senior Member
 
Registered: Mar 2020
Posts: 3,670

Rep: Reputation: Disabled
Quote:
Originally Posted by G-Wiz View Post
your saying it's much more secure to remove myself from the wheel group
I didn't say this, sundialsvcs did. Complaining about inadequate default security is his favorite subject.
 
Old 12-23-2021, 06:13 AM   #11
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 7,499
Blog Entries: 19

Rep: Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410Reputation: 4410
Quote:
Originally Posted by G-Wiz View Post
OK, just to make sure I have this, your saying it's much more secure to remove myself from the wheel group, this will no longer allow me to use sudo with my password, but I can use su instead with the root password?
It all depends on what is in your /etc/sudoers file. Some distros give full sudo access to users in the wheel group or in some special "sudo" group (I believe Debian-based distros have a sudo group for this purpose) and automatically place the first registered user in that group. Others place the first registered user in sudoers by name and not as a member of a group.

The wheel group originally determined who could use the su command to become root. Knowing the root password wasn't enough; you also had to be in this group for the password to work. Sudo came much later.

Incidently many implementations of sudo come with much worse messages than the one quoted by shruggy.
 
Old 12-23-2021, 06:35 AM   #12
shruggy
Senior Member
 
Registered: Mar 2020
Posts: 3,670

Rep: Reputation: Disabled
Quote:
Originally Posted by hazel View Post
Incidently many implementations of sudo come with much worse messages than the one quoted by shruggy.
An OpenBSD guy recently adapted this feature for doas as well.
 
Old 12-23-2021, 07:07 PM   #13
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
By removing yourself from this group, you voluntarily revoke your right to say: sudo su. That is, “to gain root access using your own password.” To exercise these privileges going forward, you must consciously log in as “Clark Kent.” The login(s) that you use every day are not privileged at all. And, while using them, you know to never respond to any request for an elevated password … unless you are damned sure.

By doing these things, you ensure that the system will “always say ‘no,’” particularly when you were not aware that any [rogue …] was asking.

Principle Of Least Privilege

Last edited by sundialsvcs; 12-23-2021 at 07:19 PM.
 
Old 12-24-2021, 02:18 AM   #14
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,692

Rep: Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274
Quote:
Originally Posted by sundialsvcs View Post
By removing yourself from this group, you voluntarily revoke your right to say: sudo su.
That would be sudo and su, not the "usual" sudo su combination.
https://acloudguru.com/hands-on-labs...th-wheel-group
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] "Give root password for maintenance or press CTRL+D to continue" problem enter root password ag33k Slackware - ARM 9 01-12-2017 04:23 PM
liveCD installer asks for root password, but means the liveCD's root password newbiesforever VectorLinux 4 04-23-2013 01:16 PM
i forget my root password. how to login in root account with new password in red hat. balajiraja Linux - Desktop 3 08-22-2012 01:41 AM
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 10:28 PM
root files: create as root:root or root:wheel? pcass Linux - Security 1 02-07-2004 04:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration