root password for Ubuntu Server???
 

I've pulled out the HDD with OpenSuSE and installed a blank one, upon which I've installed Ubuntu server.

Background: I'm building a simple file/print server for the house. It's got 4 250GB WD SATA HDDs for the data (to be RAID5'd) and a separate 80GB WD SATA HDD for the operating system. Since they were cheap, I got several extras of the WD 80GB HDDs, and I can swap them out without affecting any data. Once I have the server to my satisfaction, I'm going to take the spare 80GB HDDs and replace the IDE HDDs in our 2 new WinXP Pro desktops. But, until then, I'm free to use them to test installations of various Linux servers, without the need to destroy a working OS. Real simple. So, here I am, with a fresh install of Ubuntu Server (8.10) in my booted-up computer, and another HDD sitting alone on the desk behind me (with an installed & working copy of OpenSuSE 11.0).

The problem I'm having is that there is no Root user. Well, there may be, but there's no root user password, so I can't do anything.

The installation went great. It asked me what server packages I wanted to install and I told it "Print Server" & "Samba Server" - and it did the installation smoothly (I believe). It even asked me for a non-admin user name and password, which I provided.

So, I can login as the non-admin user, and can execute the non-admin commands. But, I can't access any admin commands. When I try to login as "root" or "admin" it requests a password, and the only password I've provided (used for my "user" login name) does not work for the "root" or "admin" login. And, I've tried several of the more obvious options, such as using "password" as the password, and leaving it blank - but these obviously don't work, either.

At this point, I've just got the command line and no GUI. I'd prefer the GUI, but am not unfamiliar with command line work. However, I want to reconnect the 4 250GB WD SATA HDDs and configure them as RAID5 so that I can have my data back and working with Ubuntu. I could easly yank the Ubuntu drive and reconnect the OpenSuSE drive, but that would defeat the purpose of trying to test-drive Ubuntu! I know I've got to go through some configuration to get the RAID5 array re-mounted, but I've done that several times in OpenSuSE, so I don't think that's such a big deal. HOWEVER, until I can successfully login as "root" or "admin," all that is meaningless.

I've got the Linux for Dummies book (along with an OpenSuSE book), and it explains (page 295) how to recover from a forgotten root password. Of course, everything flashes on the screen so fast that I can't tell if Ubuntu is using the LILO or GRUB boot loader. The instructions are different for each, and ... neither one works!

I'm sure there is something REALLY SIMPLE (see ASTID in my signature!) that I've missed somewhere, but for the life of me, I can't figure it out.

So, if you know what I need to do to get root access, as soon as you quit laughing at my predicament (I'll be laughing, too, as soon as I figure this one out!), please tell me what I have to do to make it work!

BTW, this is not a dual boot system. Each boot drive has only a single operating system on it, and none of them are Windows or DOS, and there's never more than one boot drive installed at a time (I use the entire physical drive for the OS). I'm trying to be as straightforward and clean in my process as possible.

THANK YOU FOR THIS LIFESAVING HELP!!!

You need to learn about sudo - there's a doco somewhere on the wiki about the whys and wherefores.

I did just find it on my Ubuntu server. It says to run "man sudo_root" and I've done that, instantly learning that my login (the first one) actually HAS admin privileges, and that there is no other admin login (especially not a "root" login).

I'm liking this. OpenSuSE is quite different, and I had to login as root to do anything. This is better because it only requires a single login for me!

Thank you for the response!

The simple method (non-ubuntu way) is:

That will let you reset roots password. There *IS* a root account. Cat /etc/passwd if you doubt that.

The ubuntu way is to use sudo for system administration tasks rather than logging in as root. There are arguments against it and for it... but it typically is a lot safer for new administrators or people who are prone to fat fingering commands.

In non-sudo environments you still shouldn't be logging in as root, you can just use su - to gain root privileges for a terminal if needed.

Leave your root without a password. This is a security feature of Ubuntu. When you set up the primary login on Ubuntu during setup that login name/account is automatically set up to use the sudo command as adminstrator. If you wish to go to a root account you can login as the primary user and enter the command:

You will be prompted for your password again. Enter it correctly and you will be given effective root access without having to enter the sudo command before each command while you have the # prompt.

Generally, it is better to learn to enter the sudo command before those requiring root access. Tutorials and instructions for Ubuntu normally include the use of sudo where necessary.

The primary argument against setting a root password is it gives crackers an in when attempting to brute force passwords (knowing the account name). However if you disable remote root logins that's largely a moot point. If they already have access to the system they can simply cat /etc/passwd to get a full list of users on the system who are all very likely to have a password and now you're back at ground zero as far as cracking passwords go since they need only your account password to issue any commands they want via sudo. Sudo does provide finer grained security than using su. Mostly these days I do server admin, not desktop admin, so there are two access levels... root and user. Shrug.

There are some things that require a full root shell that sudo won't work for (which "sudo su -" does work around for the most part.) However, the typical more "standard" unix method is not the sudo method. Shrug, I suppose to some degree it's a matter of preference and methodology you choose to employ. YMMV.

OK. So you are a professional administrator and a UNIX/Linux purist. That should not keep others from trying whatever they can to use implementations which endeavor to improve security. This is a home server that the OP is talking about.

Here is how to create an Ubuntu root user:

http://digiassn.blogspot.com/2006/07...in-ubuntu.html

Here is how to allow root login on the GUI login screen:

http://digiassn.blogspot.com/2006/10...er-ubuntu.html

-----------------------
Steve Stites

You missed the point entirely.

On the one hand, I am doing this for my home server. On the other hand, I'd prefer to have a hardened OS because I rest easier knowing that it's safer that way. I've worked for accounting firms and understand that businesses create controls so that the money never gets corrupted. I've been a (non-certified) network administrator, so I understand that there are controls so that the data doesn't get corrupted. And, we lock the doors to our house to keep the honest folks from breaking in. No matter what is in place - be it computer security, financial controls, or electronic surveillance, it can be hacked & broken. But, I prefer to make it enough trouble so that it's discouraging.

That said, I appreciate the option to have a root login, that gives me a taste for how easy I can make it on myself. On the other hand, I also appreciate the logic behind NOT having a root logon. I don't like being protected against myself, but if it means I'm also protected against others, then it's ok.

So, I definitely appreciate knowing how easy it is to make a root logon. But, on the other hand, I type faster than 70 wpm (with no mistakes):cool:, so I don't mind typing "sudo" before any root-level command.

Can't resist pointing out post #23 http://www.linuxquestions.org/questi...999/page2.html

Hope the setup is going well

BM

Hmmm...interesting exchange. I particularly appreciate the help given by rweaver to DarkFlame. First of all, it answers the question directly. Having asked many questions myself over the years, I always appreciate a direct answer that solves the problem.

I am a newbie to Ubuntu, after years with Suse, and way too many years with M$...one does what one needs to in order to eat, yes? Anyway, as an Ubuntu newbie, I have run smack into this great debate in Ubuntu country over logging on as root. Ubuntu has set certain defaults to preclude logging in as root. Just recently, an Ubuntu Forum staffer, aysiu, posted a lengthy new policy about posting how-to's in the forums on logging in as root - basically, you goto "jail" if you do. Whether the Ubuntu Team likes it or not, this stance sets a dangerous precedent. The underlying issue is the real issue, and it is about control, and not about the pros and cons of logging on as root.

I think this is the point that AuroraCA is alluding to the statement: "That should not keep others from trying whatever they can to use implementations which endeavor to improve security." This is a good point if we define "others" as the end users. It is not a good point if "others" are defined as the distro vendors, forum moderators, and so forth. Ubuntu programmers are working hard to plug security holes in Ubuntu, as are most OS vendors. Should that include dictating and even straitjacketing the end user?

For the answer, one only needs to read the Ubuntu credo, manifesto, and basic philosophies that not only appear on the Ubuntu site, but printed in "The Official unbuntu Book" by Hill, Bacon, Burger, Jesse, and Krstic. The answer is a resounding NO! The reason is quite clear - it is way too "big botherish." And more importantly, this need for control is in direct opposition to Ubuntu's own philosophical goals. That is not to say that I do not understand the core of Ubuntu purists that wish to obtain the highest standard in security as possible. However, I suggest that pursuing these goals by restricting the end users is the quickest way to drive a stake right through the heart of Ubuntu.

First of all, it is easily seen by rweavers post that gaining access to the root account is very easy, and certainly any malicious hacker already knows how to do this, so locking the root account does not really plug this so-called security issue. As a matter of fact, I would argue that having the end user NOT take control over securing the root account is a bigger security risk than allowing the end user to have access. Again, I point to rweaver's post. In any OS, logging on as root only becomes a security issue if the admin does not make the account secure. Secondly, using sudo does not keep the end user from harming the system. I guarantee that I can destroy an Ubuntu installation just as easily with sudo as with root access.

Thirdly, it is not the job of Linux distro vendors, forum staffers, or other key distro players to keep end users from harm by trying to "save them from themselves." AuroraCA, aysiu, and other advocates of controlling the end user are coming accross, like it or not, as "we know better than you" "our expertise is better than yours" "do it our way and we'll keep you from hurting yourself." This attitude is not only offensive, it is counter to what Ubuntu stands for. And this attitude is much more harmful to Linux in the large, and Ubuntu in particular than any security risk or system damage that might occur because of allowing root logons in Ubuntu. After all, UNIX, and certainly most all other Linux distros have been doing it for decades. Sadly, this control attitude is spilling over in other areas of Ubuntu as well.

Lastly, and perhaps most importantly is that end users usually learn from their mistakes, so let them. I experiment with a number of distros on a number of boxes, old and new. The Ubuntu Team is absolutely dependent upon we end users for release testing, bug reports, bug fixes, suggestions for improvements, and more. It can only serve to Ubuntu's advantage to make everything about Ubuntu as open as possible to its end users. Let the end users make their own decisions and quit trying to hold them by the hand. Mark Shuttleworth has a great vision in Ubuntu, however, history has shown us that all great visions fade into nothingness if they are not given to the people they affect. In other words, if Ubuntu control is kept strickly by a select few, it will die.

Again, I say thanks to rweaver for giving an open and honest answer to the original question, and done so without regard to how DarkFlame will use the information. This is as it should be: the final decision and responsibility is with the end user.

~jiangshi

Ubuntu is not a philosophy or religion. It is a an implementation of Linux, an operating system. If you like the way it works use it. If you don't like the way it works, don't use it. The OP was asking about root access for Ubuntu. As I see it, understanding how root access is implemented in Ubuntu is the purpose of this thread.

Nice soapbox post.

Don't get me wrong, I see nothing wrong with either method. The reason behind my post was mainly because someone said there was no root account in ubuntu, and it's not the first nor last time I'll probably end up posting a similar spiel. I don't view Linux as Debian, Redhat, CentOS, Slackware, Gentoo, Arch, DSL, etc... I view it as Linux, do I have general preferences? Sure, everyone does-- however I endeavor to use best practices that work across a wide variety of systems and configurations while not damaging any custom configuration and security implementations. My job requires me to be able to deal with a huge variety of problems on a multitude of operating systems and all of the custom setups of the distribution, version, application, and client. You make every machine secure because any entry point to the local network increases security risks for every machine in the network. Trivial items like sudo or su/root shell are largely moot and it's far more important for accounts with potential access to the system at all to have good passwords. Having correct permissions on files and no unnecessary daemons running offers a magnitude of more security than the choice between su/root shell and sudo. Either of which when done correctly is secure.

Yes, you have a good point. My post added no value to the discussion. Nor did your post about "UNIX/Linux purist" or the ones made by others telling the original poster to learn sudo. I admit that it was these posts that fired me up a bit. Not that my post is your fault or their fault; I take responsibility for that, but these types of posts border on personal attacks when labels are used or implying the original poster is stupid because he needs to learn sudo.

I also reacted because I have seen similar posts all over the Ubuntu forums about logging on as root and that it is a security feature. It is not a security feature; it is a big security hole, and for the reason I have already stated. But this becomes another soapbox, so I'll leave it at that.

Thank you for your correction.

My best wishes to and yours in the new year.

~jiangshi