Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Does the superuser of Linux need to be named "root"?
Can we give other name or add other user to be completely previledged as root?
Don't you think the username root is not so secured, making brute-force password guessers have less work to do (don't have to also guess the username).
changing the name of root is an *EXTREMELY* bad idea. Don't ever ever be tempted to try this again.
use a good root password, or rather make it so obscure you can't remember it at all. only ever gain root access via sudo and you never need the password ever. stop ssh allowing root logins etc.
The permissions system is set up to cover 3 classes of user: the owner username, a group, and everyone else. If you find **every** file and directory owned by "root" and set up the permissions to include a group containing your new superuser, you would be part way there. One remaining issue would be the various programs that check to see who's running them. In practice, changing all of these might be more trouble than it's worth.
Quote:
Don't you think the username root is not so secured
Ypu are really asking if it is more secure to obscure the root password and then you are asking how to run sudo without password? sudo without password means that everyone that has access to your account (even if you are only in a coffebreak without logging out) has total control over the system. if you are security aware don't do that.
Although the danger to start a flamewar is imminent, IMHO the whole concept of replacing the root user with sudo is from a security point of view a big flaw. It is merely done by many distros (mainly Ubuntu derivatives) for convenience reasons, not for security. If you want to have a secure system don't allow root to login over SSH, use a strong password for any user on the system (this is pretty obvious and shouldn't have to be emphasized) and use su to get root privileges. Never allow passwordless sudo and use sudo only if you want to give access to single applications as root without giving them the root password.
By the way, is there a way to sudo without typing root password? The system always ask me everytime I use the sudo command.
Thanks,
Narin
No, it doesn't. Sudo is about proving YOU are YOU, it does NOT use the root password, hence with a good sudo setup you should NEVER need to know the root password.
---------- Post added 09-11-12 at 12:31 PM ----------
Quote:
Originally Posted by narin1975
Everytime we su, we send root password over ssh, do we?
yes, but it's over SSH, which is considered secure.
Although the danger to start a flamewar is imminent, IMHO the whole concept of replacing the root user with sudo is from a security point of view a big flaw. It is merely done by many distros (mainly Ubuntu derivatives) for convenience reasons, not for security. If you want to have a secure system don't allow root to login over SSH, use a strong password for any user on the system (this is pretty obvious and shouldn't have to be emphasized) and use su to get root privileges. Never allow passwordless sudo and use sudo only if you want to give access to single applications as root without giving them the root password.
Where are my matches...?
What's your perspective on not allowing full root access via sudo? Where's the downside in a well managed environment? I would never recommend su over sudo. it has much poorer auditing and you are back to having a password kept in a safe, or on a post-it, or in memory if it's trivial.
Whilst Ubuntu's auth shift makes it more user friendly and ... windowsy ... I don't see this as a security flaw in any way.
Last edited by acid_kewpie; 11-09-2012 at 06:41 AM.
no, as you should never log in as root over ssh in the first instance. if this is a point of a confusion, it's the user with which you are establishing the secure channel itself that you need to look after. So root should *NEVER* log in to an SSH server, however once it's established and you're using a shell prompt, becoming root over it is a non-issue as far as the SSH security itself goes. Root should never log in for reasons including those you originally stated - a brute force attack on a known privileged user. Hence setting "PermitRootLogin no" in sshd_config.
Last edited by acid_kewpie; 11-09-2012 at 09:40 AM.
if we accept ssh as secured, we can log in as root from the start. no need to bother using ethier su or sudo. am I right?
No you are not right; your argument is based on theory, but experience says that brute-force-root-SSH is one of the most common attacks your Linux server will face. Changing root login from "yes" to "no" is an incredible "return on investment" for your security; 30 seconds to toggle 1 setting in 1 file and the risk of this particular type of attack is completely eliminated forever.
What's your perspective on not allowing full root access via sudo? Where's the downside in a well managed environment?
Imagine a brute-force attack via SSH. In both approaches, su and sudo, root login via SSH should be disabled. So it is up to find a valid username to try to brute-force the machine. At this point both approaches have the same security. If the attacker is able to figure out a valid username the brute-forcing begins and sooner or later (if something like fail2ban is not installed and the admin is not regularly reviewing the logs, which is pretty common with inexperienced or not well trained admins) the attacker will be able to log in to the account.
On a machine without full sudo access for the user (and at best noexec mount-options for /home and other user-writeable directories) the attacker now has to figure out the root password to be able to really compromise the machine. On a machine with full sudo access the attacker knows the user password, so directly after he is able to log into the machine he is in fact root.
I would think an admin that has to ask the questions the OP asked is either untrained or inexperienced. Using sudo (especially as he asked without password) may be more convenient, but it is not more secure. In this specific case I would recommend to the OP that he asks his employer for a training.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.