[SOLVED] Root user: to enable or disable...



benbrockn
November 22nd, 2012, 02:23 AM
I have a question about the root user.



I know that Ubuntu disables the root user by default, but you can still use sudo.



I know that you can add/remove users from using the sudo command by entering in:

sudo adduser <username> sudo

But here is my question: if I don't set a root password, can't anyone hack in, set a root password, and lock me out? And can't a local user on the system (like my son) do the same?

I've already read this:
https://help.ubuntu.com/community/RootSudo but I was still confused if it were better security-wise to either:



1. Leave the root user alone, and make only myself able to use sudo.
2. Enable root, set a lengthy password, and never log on it again, only making myself able to use sudo.


Which would be better?

Thanks!

CharlesA
November 22nd, 2012, 02:27 AM
Leave the root user alone. If/when you have a hosed system and you forget the root password, you are out of luck.

Physical access = root access, as always. If someone wanted to get onto your machine, they would just use a livecd. If you don't want that happening, encrypt your home directory.

snowpine
November 22nd, 2012, 02:27 AM
The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.

CharlesA
November 22nd, 2012, 02:30 AM
The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.
Yeah, the root account is "locked"

Good catch.

benbrockn
November 22nd, 2012, 02:34 AM
@snowpine Ah, I see, thank you. I assumed it was passwordless since you have to log on using sudo to create a password.

@CharlesA In a thread I just recently made, I asked the same question about encrypting the /home directory, because I didn't know much about it.


http://ubuntuforums.org/showthread.php?t=2086756

CharlesA
November 22nd, 2012, 06:45 AM
Answered you in your other thread. :)

benbrockn
November 22nd, 2012, 12:04 PM
@CharlesA Thank you kind sir.

So I will go with option 1: Leave root alone and make myself the only sudo user

Thanks to both of you
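
Added example, not part of any post in this thread: a small check for the two things discussed above, whether root's password field is locked rather than empty, and who besides the intended admin is in the sudo group. The sample shadow and group lines and the usernames `ben` and `son` are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an account's password field and audit sudo membership.
# All sample data below is constructed, not taken from a real system.

SAMPLE_SHADOW='root:!:15666:0:99999:7:::
ben:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:15666:0:99999:7:::'

SAMPLE_GROUP='adm:x:4:ben
sudo:x:27:ben,son
users:x:100:'

# pw_state USER: reads shadow-format lines on stdin and prints one of
#   locked        field starts with ! or *, so no typed password can match
#   passwordless  field is empty, so no password is required
#   password-set  field holds a hash
#   missing       no entry for USER
pw_state() {
    awk -F: -v u="$1" '
        $1 == u {
            found = 1
            if ($2 == "")          print "passwordless"
            else if ($2 ~ /^[!*]/) print "locked"
            else                   print "password-set"
        }
        END { if (!found) print "missing" }'
}

# group_members GROUP: reads group-format lines on stdin, one member per line.
group_members() {
    awk -F: -v g="$1" '
        $1 == g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }'
}

# unexpected_sudoers ALLOWED: sudo group members other than ALLOWED.
unexpected_sudoers() {
    group_members sudo | awk -v a="$1" '$0 != a'
}

# Demo on the constructed data.
echo "root: $(printf '%s\n' "$SAMPLE_SHADOW" | pw_state root)"
echo "extra sudo users: $(printf '%s\n' "$SAMPLE_GROUP" | unexpected_sudoers ben)"
```

On a real system the same functions can be fed `sudo cat /etc/shadow` and `getent group sudo` instead of the sample variables.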

nothingspecial
November 22nd, 2012, 12:13 PM
All explained here https://help.ubuntu.com/community/RootSudo

Paqman
November 22nd, 2012, 12:31 PM
if I don't set a root password, can't anyone hack in, set a root password, and lock me out?

To do so they would have to crack your password, which since you're a sudo user means they have root access anyway. So having them fiddle with your root account is the last of your worries.

Just make sure your password is as strong as you would apply to the root account.

Randymanme
November 23rd, 2012, 09:17 PM
The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.


Yeah, the root account is "locked"

Good catch.

http://news.softpedia.com/news/Canonical-We-Have-Root-Trust-Us-294538.shtml

" . . . Erm, we have root. . . . "

CharlesA
November 24th, 2012, 02:53 AM
http://news.softpedia.com/news/Canonical-We-Have-Root-Trust-Us-294538.shtml

" . . . Erm, we have root. . . . "

Your point is? Canonical manage the repos, so they effectively have you access to whatever is in the repos.