Root user: to enable or disable...

**benbrockn** · November 22nd, 2012

I have a question about the root user.

I know that Ubuntu disables the root user by default but you can still use sudo

I know that you can add/remove users from using the sudo command by entering in:
Code:
```
sudo adduser <username> sudo
```

But here is my question, if i don't set a root password, can't anyone hack in, set a root password, and lock me out? And can't a local user on the system (like my son) do the same?

I've already read this:

HTML Code:

https://help.ubuntu.com/community/RootSudo

but I was still confused if it were better security-wise to either:

Leave the root user alone, and make only myself able to use sudo
Enable root, set a lengthy password, and never log on it again, only making myself able to use sudo.

Which would be better?

Thanks!

**CharlesA** · November 22nd, 2012

Leave the root user alone. If/when you have a hosed system and you forget the root password, you are out of luck.

Physical access = root access, as always. If someone wanted to get onto your machine, they would just use a livecd. If you don't want that happening, encrypt your home directory.

**snowpine** · November 22nd, 2012

The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.

**CharlesA** · November 22nd, 2012

Originally Posted by snowpine

The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.

Yeah, the root account is "locked"

Good catch.

**benbrockn** · November 22nd, 2012

@snowpine Ah, i see, thank you. I assumed it was passwordless since you have to log on using sudo to create a password.

@CharlesA In a thread I just recently made, I asked the same question about encrypting the /home directory. Because I didn't know much about it.

HTML Code:

http://ubuntuforums.org/showthread.php?t=2086756

**CharlesA** · November 22nd, 2012

Answered you in your other thread.

**benbrockn** · November 22nd, 2012

@CharlesA Thank you kind sir.

So I will go with option 1: Leave root alone and make myself the only sudo user

Thanks to both of you

**nothingspecial** · November 22nd, 2012

All explained here https://help.ubuntu.com/community/RootSudo

**Paqman** · November 22nd, 2012

Originally Posted by benbrockn

if i don't set a root password, can't anyone hack in, set a root password, and lock me out?

To do so they would have to crack your password, which since you're a sudo user means they have root access anyway. So having them fiddle with your root account is the last of your worries.

Just make sure your password is as strong as you would apply to the root account.