Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Root user: to enable or disable...

  1. #1
    Join Date
    Nov 2011
    Beans
    27

    Question Root user: to enable or disable...

    I have a question about the root user.


    • I know that Ubuntu disables the root user by default but you can still use sudo


    • I know that you can add/remove users from using the sudo command by entering in:
      Code:
      sudo adduser <username> sudo

    But here is my question, if i don't set a root password, can't anyone hack in, set a root password, and lock me out? And can't a local user on the system (like my son) do the same?

    I've already read this:
    HTML Code:
    https://help.ubuntu.com/community/RootSudo
    but I was still confused if it were better security-wise to either:


    1. Leave the root user alone, and make only myself able to use sudo
    2. Enable root, set a lengthy password, and never log on it again, only making myself able to use sudo.


    Which would be better?

    Thanks!

  2. #2
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Root user: to enable or disable...

    Leave the root user alone. If/when you have a hosed system and you forget the root password, you are out of luck.

    Physical access = root access, as always. If someone wanted to get onto your machine, they would just use a livecd. If you don't want that happening, encrypt your home directory.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  3. #3
    Join Date
    Jan 2008
    Beans
    7,749

    Re: Root user: to enable or disable...

    The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.

  4. #4
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Root user: to enable or disable...

    Quote Originally Posted by snowpine View Post
    The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.
    Yeah, the root account is "locked"

    Good catch.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  5. #5
    Join Date
    Nov 2011
    Beans
    27

    Re: Root user: to enable or disable...

    @snowpine Ah, i see, thank you. I assumed it was passwordless since you have to log on using sudo to create a password.

    @CharlesA In a thread I just recently made, I asked the same question about encrypting the /home directory. Because I didn't know much about it.

    HTML Code:
    http://ubuntuforums.org/showthread.php?t=2086756

  6. #6
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Root user: to enable or disable...

    Answered you in your other thread.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  7. #7
    Join Date
    Nov 2011
    Beans
    27

    Re: Root user: to enable or disable...

    @CharlesA Thank you kind sir.

    So I will go with option 1: Leave root alone and make myself the only sudo user

    Thanks to both of you

  8. #8
    Join Date
    Jan 2008
    Location
    Manchester UK
    Beans
    13,637
    Distro
    Ubuntu

    Re: Root user: to enable or disable...


  9. #9
    Join Date
    Jan 2007
    Beans
    6,542
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: Root user: to enable or disable...

    Quote Originally Posted by benbrockn View Post
    if i don't set a root password, can't anyone hack in, set a root password, and lock me out?
    To do so they would have to crack your password, which since you're a sudo user means they have root access anyway. So having them fiddle with your root account is the last of your worries.

    Just make sure your password is as strong as you would apply to the root account.

  10. #10
    Join Date
    Jul 2009
    Location
    Columbus, Ohio, USA
    Beans
    161
    Distro
    Ubuntu Development Release

    Re: Root user: to enable or disable...

    Quote Originally Posted by snowpine View Post
    The root account in Ubuntu is not passwordless (as your question implies) but rather the account is completely disabled.
    Quote Originally Posted by CharlesA View Post
    Yeah, the root account is "locked"

    Good catch.
    http://news.softpedia.com/news/Canon...s-294538.shtml

    " . . . Erm, we have root. . . . "
    AMD Athlon II X2 220 Processor × 2 , 2.8 GHz, 6 GB, Nvidia PNY 210, 1 TB hdd: Windows 7; Ubuntu 13.10; Linux Mint 16 Petra. // Gateway E4000, Intel Pentium 4, 1.8 Ghz; 1.0 GB RAM, Geforce 5500; 32 bit; Windows 7, PCLinuxOS 201404 Mate Desktop.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •