I'm a sudo kind of person, I use it when I need it -- no root account enabled.
I like su, I switch to root and sometimes login as root to make a lot of system changes.
What's root?
Do you think the root account should be enabled? I know that by default Ubuntu disables it, but I have been doing some thinking and to be honest I think there is an advantage to having it enabled. I have an SSH server, and obviously I've configured it to not allow root login. Thus, my username is the only one that is valid. If a cracker were to try and bruteforce my username and got the password, he also has the password to gain superuser rights because they are one and the same. However, if you look at a distro like openSUSE (and many others, I've noticed that RPM distros do this a lot), they allow and encourage you to set a different password for the root account. Therefore, a properly configured SSH server such as mine, where "root" is not a valid login name, would be harder to break into. Once they cracked my main username, they would have to run a server-side bruteforce to try and crack the completely different root password. Once again, I know there are ways to change this, but it could make for an interesting discussion. There advantages and disadvantages to both ways.
Last edited by lespaul_rentals; January 23rd, 2008 at 08:20 PM.
Disabling root login on SSHD isn't much of a security measure, imho. You might try disabling password based logins, using denyhosts, or throttling incoming new connections. Honestly, I've used both su and sudo, and the only difference I see is one password vs. two.
I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile Should I PM support questions? NO!
I think once someone has got access to your machine, getting root access one way or another is only a minor step, basically if your machine is that easy to brute force you have big problems either way. Personally I prefer not having a root account enabled (or at least a having a known password set) by default, I sudo when I need to do something quickly as root, or sudo su if I want to switch to root for a long period. I've never seen any reason to log straight in as root, either via the gui or command line. I've also never seen a reason to allow remote root logins, and if this was the case I'd probably take further steps by segregating the machine physical and also isolating it's access from the outside network.
If you setup sudoers correctly it will require both your password and your root password to get root. i think sudo can easily emulate any function of su, and encourages safety, although in the hands of somebody who knows what theyre doing both are fine!
Why would it be easier for someone to brute force your username and password than root's username and password? They already know A) what the root username and B) what privileges the root username has. All they would need to brute force at that point would be the password.
blog | advice | more advice
I have used both sudo and root based systems and find both to have their advantages and disadvantages. The advantage of a sudo system is that you dont have to have two separate passwords for administration, but this also means that by default the first user of the system is technically the root user and you would need to change the password more often if you are a security maniac. My biggest argument against sudo is that it behaves too much like a Microsoft system, acting like every user can just download something without monitoring, while this is good for a ease of use standpoint its bad from a security standpoint. the advantage of a root based system is that the root user and the first user of the system are separate, that you have the master password and the user passwords separate.... the administrator is the administrator and the user is the user. From a ease of use standpoint this does not sound that good as it means more passwords to remember... but for me in this matter I prefer root systems. However if you have a real newb at work who has no idea what he or she is doing they could mess up a root based system too.
HOME BUILT SYSTEM! http://brainstorm.ubuntu.com/idea/22804/ Please vote up! remember kiddies: sudo rm -rf= BAD!, if someone tells you to do this, please ignore them unless YOU WANT YOUR SYSTEM WIPED
Originally Posted by aysiu Why would it be easier for someone to brute force your username and password than root's username and password? If you disable root logins on SSH then an external intruder can not brute force root's password. In this case, there is no advantage to SUDO over SU. Also, given that most systems do disable root logins from outside, it is becoming increasingly common for hackers to brute force usernames given a set of typical passwords. If the attacker has access to the machine, but no account, then he could theoretically brute force root's password; but this would have to be performed manually from the keyboard. Assuming even a weak 8-character password, the relatively weak MD5 encryption scheme, and typing a password every five seconds, it would take about 8,000 years to try all combinations. NOTE: this is the only situation for which a SUDO-only system provides any security advantage; all other cases provide either equal or less security. If the attacker has an account on the machine, a simple examination of /etc/group reveals the administrative accounts and negates any advantage that SUDO may hold regarding root's anonymity. One advantage of a separate root account is that the admin user only needs to log in when it is necessary to perform administration. If no administration needs performing, he doesn't log in and there is no opportunity for his password to be discovered (by scripting, mechanical interception, or by physical observation). An Ubuntu user who would typically log into his admin account for normal usage provides more opportunities for the password entry to be intercepted and less time between admin logins to discover suspicious activities. A corollary to this advantage of fewer logins is that a more secure password can be chosen for the root account without having an adverse effect on ease of use for unprivileged users. Of course an Ubuntu user could limit usage of his admin account (and choose a strong password for it), but evidence indicates this to be a rather rare occurrence -- and if such security measures are employed then all of the usability benefits of Ubuntu's SUDO-only methodology are completely negated. Probably the most critical aspect of Ubuntu's disabling the root account is that the account isn't really disabled; all that is disabled is password-based root logins. IF your machine is ever compromised, the intruder would be able to provide himself with password-less root access and make it extremely difficult (theoretically impossible) for administrators to discover his presence. Far more damaging than having someone gain administrator privileges and trashing your data would be having someone maintaining access and control of your installation for months on end without your being aware of it.
Originally Posted by SunnyRabbiera I have used both sudo and root based systems and find both to have their advantages and disadvantages. The advantage of a sudo system is that you dont have to have two separate passwords for administration, but this also means that by default the first user of the system is technically the root user and you would need to change the password more often if you are a security maniac. My biggest argument against sudo is that it behaves too much like a Microsoft system, acting like every user can just download something without monitoring, while this is good for a ease of use standpoint its bad from a security standpoint. the advantage of a root based system is that the root user and the first user of the system are separate, that you have the master password and the user passwords separate.... the administrator is the administrator and the user is the user. From a ease of use standpoint this does not sound that good as it means more passwords to remember... but for me in this matter I prefer root systems. However if you have a real newb at work who has no idea what he or she is doing they could mess up a root based system too. I disagree completely. A user with sudo powers is not "technically the root user" any more than a limited user is who knows the root password. admin users, unless they are sudoing a particular command, have limited privileges and can't modify much outside their home folders. And, no, it doesn't act as if any user can do stuff without monitoring. As a matter of fact, sudo has much better security auditing than root does, and not all users have to have sudo access--only admin users. If you have users know the root password to get root access, it also means that if you ever want to demote those users, you have to change the root password, and notify all users who know the root password of the change. Kind of annoying. If you use the sudo model, all you have to do is take the demoted user out of the admin group.
Well I think if you need to do some root terminal work very quick sudo is best. But if you are going to do a lot of root terminal work it becomes annoying to type "sudo" in front of every command. So I vote "other" even though there isn't that option
Originally Posted by nathangrubb Well I think if you need to do some root terminal work very quick sudo is best. But if you are going to do a lot of root terminal work it becomes annoying to type "sudo" in front of every command. So I vote "other" even though there isn't that option If you need to do a lot of root terminal work, just type Code: sudo -i
sudo -i
Ubuntu Forums Code of Conduct
