LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-08-2007, 01:02 PM   #1
webshark
LQ Newbie
 
Registered: Sep 2004
Distribution: Slackware 10.1
Posts: 23

Rep: Reputation: 15
Change Known Root Password


I need to change the root password on a few Suse Servers. I have the current root password, but the IT guy has left and I need to update it.

Can this be done through SSH (Putty) or do I have to do this at the physical machine? Also, when changing this password, do i need to alter or update any of the services running on that server?

Thanks.
 
Old 03-08-2007, 01:20 PM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
If you can login as root (note: on SSH this should be prevented; use su or sudo instead) of course you can change the password, with
Code:
passwd
run as root. I don't think SSH prevents that by default (then again, I see no reason why it could not be prevented).

Also I don't think you need to do anything else; the services running as root are usually setup by root to do that, so it should be enough to just change the password. I know on Windows you change a password for user, you need to go and re-change that for every service that needs password; it sucks.
 
Old 03-08-2007, 01:45 PM   #3
webshark
LQ Newbie
 
Registered: Sep 2004
Distribution: Slackware 10.1
Posts: 23

Original Poster
Rep: Reputation: 15
Thank you. That was easy. I've been reading all kinds of complicated ways of changing the root password or various ways or recovering the root password. This was simple. I like that.

Now, from a security standpoint.....

Should it be this easy?

Thanks.
 
Old 03-08-2007, 02:16 PM   #4
roreilly
Member
 
Registered: Aug 2006
Location: Canada
Distribution: Debian, Slackware
Posts: 106

Rep: Reputation: 28
That is more than adequate security.

ssh is an encrypted connection, so it is secure.
If you know the root password and can login, changing the password
should not require jumping through hoops.

Just be sure to use a strong password. There are lots of brute-force
attacks for ssh.

R.
 
Old 03-09-2007, 12:37 AM   #5
live_dont_exist
Member
 
Registered: Aug 2004
Location: India
Distribution: Redhat 9.0,FC3,FC5,FC10
Posts: 257

Rep: Reputation: 30
After you do change the root password for your servers I'd suggest you look at a few SSH hardening threads to disallow remote root login. Many canned exploits try and exploit bugs in Ssh remotely. If you have remote root enabled the exploit could be successful directly. Here's a start:

http://ale.freeshell.org/les/ssh.html

Post back if I was unclear.

Cheers
Arvind
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 10:28 PM
change root password ashishag Fedora 1 12-16-2006 06:12 AM
change Root Password even if the password in the grub is also set sheelnidhi Linux - General 6 08-30-2006 07:27 AM
Need to know how to change root password RIOMX Linux - Newbie 4 10-30-2003 09:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration