Trouble Logging In as Root

Mark Haney mhaney at ercbroadband.org
Mon Nov 10 14:20:13 UTC 2008 

CLIFFORD ILKAY wrote:

>>
>> Am I missing something really obvious here? How can setup my computer so
>> that I can login as root? I have all my files backed up so if another fresh
>> install is required that is certainly as possibility. 
> 
> Hi,
> 
> Ignore the advice to set a root password. 

Okay, I came rather late to the party but I would like to say a couple 
of things here.  First and foremost.  NEVER leave root without a 
password.  PERIOD.  This is not only probably the biggest security hole 
ever, it's just plain wrong.  Root is (in the phrasing of Ric Flair) 
'THE MAN'.  It can do everything.  Anyone leaving root exposed runs a 
big risk.

I am aware of the fact that Ubuntu gives sudo access to virtually 
everything for the first user, but let's examine the possibilities here. 
  Let's say I compromise your system's primary user account. I can sudo 
into root, then lock everyone else out with a couple changes to sudo 
using visudo as well as edit the root passwd.  What do you do then? 
You're busted.  Period.  There is no real recovery from that, because 
even with a rescue CD you pretty much need to know the root passwd. 
Sure, if I'm a stupid hacker I can make the root pwd easy to crack, but 
if I'm not I set one massively complicated one that would make it 
virtually impossible to crack.

That's called being screwed, people. I've seen it happen before.  It's 
not pretty to try to recover data in a scenario like that without using 
something like samhain or tripwire to check file integrity.

A good rule of thumb.  Be paranoid.  Don't assume no one is out to get 
you because it's just you using it as a regular desktop system and not a 
server.



> 
> sudo apt-get install foo
> 
> I keep a root shell open most of the time, which I get by doing:
> 
> sudo -i
> 
> When you're prompted for the password, just enter the password that you
> assigned to the first account you created.
> 

Personally, I also keep a root shell open pretty much all the time I'm 
on a system, just in case I do something stupid and lock myself out 
(like breaking an sshd config or something.)




-- 
Frustra laborant quotquot se calculationibus fatigant pro inventione 
quadraturae circuli

Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415

Call (866) ERC-7110 for after hours support

More information about the ubuntu-users mailing list