how to log in as root on desktop
Tapas Mishra
mightydreams at gmail.com
Wed Dec 1 07:13:22 UTC 2010
On Tue, Nov 30, 2010 at 3:46 PM, Alan Pope <popey at ubuntu.com> wrote:
> On 30 November 2010 10:12, Tapas Mishra <mightydreams at gmail.com> wrote:
>> What are the implications of doing so let us know.
>> Some of us may benefit out of it.
>>
>
> Observe the http link in my previous mail.
>
I have been using root login su -
from past 5 years I do not find any problem and never had any problems.
So I am not able to understand what is wrong with that and why each
time some one has to set a root password or use sudo each time.
The benefits mentioned on that page I do not see them as advantageous
or fruitful.
# The Ubuntu installer has fewer questions to ask.
Can this not be with su -
# Users don't have to remember an extra password (i.e. the root
password), which they are likely to forget.
#
This is trivial.
#It avoids the "I can do anything" interactive login by default (e.g.
the tendency by users to login as an "Administrator" #user in
Microsoft Windows systems), you will be prompted for a password before
major changes can happen, which #should make you think about the
consequences of what you are doing.
I am most of the time very well clear with what I am doing and even if
some one uses sudo how will some thing
like this be prevented.Is it not possible to execute some thing which
is harmful via sudo?
#sudo adds a log entry of the command(s) run (in /var/log/auth.log).
If you mess up, you can always go back and see #what commands were
run. It is also nice for auditing.
#
This Ok,I use .bash_histroy
#Every cracker trying to brute-force their way into your box will know
it has an account named root and will try that first. #What they don't
know is what the usernames of your other users are. Since the root
account password is locked, this #attack becomes essentially
meaningless, since there is no password to crack or guess in the first
place.
#
>This 2010 key based authentications were invented long time back.Some one sitting at a server this might be important but then they will not enable root login on SSH.Other than that to be able to brute force some one needs to have physical access to your box and can this not be a problem with the normal user account.
In a situation where a normal user account is compromised how will it
protect some one from
using sudo in that situation?
#Allows easy transfer for admin rights, in a short term or long term
period, by adding and removing users from groups, #while not
compromising the root account.
# sudo can be setup with a much more fine-grained security policy.
# The root account password does not need to be shared with everybody
who needs to perform some type of administrative task(s) on the system
(see the previous bullet).
Ok this is valid point.I agree to this one.
More information about the ubuntu-users
mailing list