-   Linux - Security (
-   -   LINUX newbie: Was using root password in this case a bad idea? (

MBA Whore 05-20-2006 02:46 PM

LINUX newbie: Was using root password in this case a bad idea?
LINUX newbie: Sorry for this long story, but I really would appreciate some insight.

I have an HP 960c printer. I use MEPIS 3.43. I had to configure something called CUPS (online) to get my printer to work. After looking online, I found some tutorials / how-to guides.

Eventually, I had to open a web browser (Firefox 1.5) and go to the following url to configure something called CUPS: http://localhost:631/admin

It asked for my user ID and password. I tried my "regular" user ID and password but it did not seem to work. Next, I typed "root" for my user ID and my root password for the password. I had instant access and set up everything. The printer works well now. However, I am nervous about having used my root password (online) to set up my printer via CUPS.

Recently, I found what appears to be a 2nd option ( that looks like it would work, but since I am very new at LINUX, I am afraid to try it (I have to create a group and add a line to some CUPS file)

My questions are:
1) Is my root password safe, since I had to go "online" to CUPS to configure my printer?
2) Should I have used the 2nd option instead?
3) Whether or not I should have used the 2nd option, could someone tell me the difference between what I did and the 2nd option?

Thank you for taking the time to read this. I look forward to all replies!

--MBA Whore

GUIPenguin 05-20-2006 02:58 PM

Don't worry about it. You're not sending your password over the network because, localhost, or is connecting to the loopback interface on your system. You are mearly connecting to a server that is running localy on you're linux installation. You're password isn't being sent over the network like it would be if you connected to a listening cups deamon on another computer. So there isn't any way for a person to sniff your password from outside the interface. Even if you were to connect to a telnet or ftp server on your own lan, the design of wired, switched networks, would entitle the cracker to poison your arp cache and re-direct your traffic through him....and then start sniffing. But the possibility of that happening on a home-network is nothing.

That is how I setup my printers, I add my .ppd driver into /usr/share/cups/model, restart cups, then browse using firefox to enter my root password, and setup my printer.

davcefai 05-20-2006 03:06 PM

You can sleep OK tonight :p. You did not "go online" to configure CUPS.

CUPS admin is via a web interface on your own PC. The clue in in the URL.

localhost is your own computer. The second option is to give other users the rights do to what you did. Otherwise only root can do it.

This is a fairly common way of doing things, using a web interface. It also allows you to configure PCs remotely. If you are a permitted user (ie your "2nd option" then you can log in to http://remotemachine:631 and configure it. Very useful if you don't feel like walking to the kitchen at home, or half a mile in a factory.

davcefai 05-20-2006 03:07 PM

GUIPenguin: You type faster than I do!

MBA Whore 05-20-2006 03:52 PM

Thanks for your replies.....I'll sleep better

All times are GMT -5. The time now is 11:31 PM.