sudo versus #
Karl F. Larsen
klarsen1 at gmail.com
Wed Feb 10 23:56:25 UTC 2010
KAYVEN RIESE wrote:
> On Wed, 10 Feb 2010, Johnneylee Rollins wrote:
>
>> On Wed, Feb 10, 2010 at 12:00 PM, KAYVEN RIESE <kayve at sfsu.edu> wrote:
>>>
>>> It's my understanding that the sudo command basically executes the
>>> subsequent command as superuser. I fail to see the difference between
>>> having a # prompt logged into superuser and sudo, other than ensuring
>>> that
>>> you don't make mistakes, unless having the terminal open can allow
>>> attackers to infiltrate the system? I have been using command line unix
>>> for a long time. I don't make mistakes. What is the real
>>> implications of
>>> sudo?
>>>
>>> Also, I notice that when Ubuntu gives me those update dialog boxes my
>>> root
>>> password doesn't work to allow the installation to go forward. This
>>> makes
>>> me irritated, because it instead wants my normal user password, which
>>> for
>>> me by design is a weaker password that I use for more things and thus
>>> could be more easily cracked. My root password is longer and I use
>>> it for
>>> less things. Both are immune to dictionary attack, but it bothers me
>>> the
>>> way this subverts my configuration.
>>
>> Hope this helps. If you need more information, please do let us know.
>> https://help.ubuntu.com/community/RootSudo
>
> somebody told me to do "sudo passwd" so I did. As I explained, I DID
> set a root passwd, so this:
>
> [::clip RootSudo ::]
>
> Every cracker trying to brute-force their way into your box will know it
> has an account named root and will try that first. What they don't know
> is what the usernames of your other users are. Since the root account
> password is locked, this attack becomes essentially meaningless, since
> there is no password to crack or guess in the first place.
>
> [::end clip::]
>
> Well.. OK. I am subverting this by creating a root passwd? However, if
> they crack my username (which shouldn't be that difficult, that isn't
> encrypted) AND my weaker user passwd then they crack my sudo anyway? As
> I have explained, my root passwd is stronger and I am more careful with
> it.. so basically I think I was aware of this at least intuitively, and
> it seems meaningless to me.
>
> [:: RootSudo clip ::]
>
> sudo adds a log entry of the command(s) run (in /var/log/auth.log). If
> you mess up, you can always go back and see what commands were run. It
> is also nice for auditing.
>
> [:: end clip ::]
>
> Nice to know, and I should probably start doing the logs I have been
> doing in /var/log instead of /root/apt-get like I have been doing?
> Again, it seems to me I can float my boat and do it my own way.
> Realizing I have logs in /root/apt-get is better than not realizing the
> /var/log/auth.log exists.
>
> I'm basically looking for justification that using sudo is not essential
> and it should be OK for me to carry on the way I have been doing it.
>
> > > ~SpaceGhost >
>>>
>>> --
>>> ubuntu-users mailing list
>>> ubuntu-users at lists.ubuntu.com
>>> Modify settings or unsubscribe at:
>>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>>
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>
> *----------------------------------------------------------*
> Kayven Riese, BSCS, MS (Physiology and Biophysics)
> (415) 902 5513 cellular
> http://kayve.net
> Webmaster http://ChessYoga.org
> *----------------------------------------------------------*
>
The key thing you seem to miss is what I have. I have zero
root password. They can try anything they want and no joy!
I have the password I use with sudo when I need temporary
root and it is a good password. Machine code crackers can get
it over time. Mine is hard enough I will be aware of the
attempt via the log or the noise or both and turn off my computer!
73 Karl
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
Key ID = 3951B48D
More information about the ubuntu-users
mailing list