sudo versus #

Karl F. Larsen klarsen1 at
Wed Feb 10 23:56:25 UTC 2010

> On Wed, 10 Feb 2010, Johnneylee Rollins wrote:
>> On Wed, Feb 10, 2010 at 12:00 PM, KAYVEN RIESE <kayve at> wrote:
>>> It's my understanding that the sudo command basically executes the
>>> subsequent command as superuser.  I fail to see the difference between
>>> having a # prompt logged into superuser and sudo, other than ensuring 
>>> that
>>> you don't make mistakes, unless having the terminal open can allow
>>> attackers to infiltrate the system?  I have been using command line unix
>>> for a long time.  I don't make mistakes.  What is the real 
>>> implications of
>>> sudo?
>>> Also, I notice that when Ubuntu gives me those update dialog boxes my 
>>> root
>>> password doesn't work to allow the installation to go forward.  This 
>>> makes
>>> me irritated, because it instead wants my normal user password, which 
>>> for
>>> me by design is a weaker password that I use for more things and thus
>>> could be more easily cracked.  My root password is longer and I use 
>>> it for
>>> less things.  Both are immune to dictionary attack, but it bothers me 
>>> the
>>> way this subverts my configuration.
>> Hope this helps. If you need more information, please do let us know.
> somebody told me to do "sudo passwd" so I did.  As I explained, I DID 
> set a root passwd, so this:
> [::clip RootSudo ::]
> Every cracker trying to brute-force their way into your box will know it 
> has an account named root and will try that first. What they don't know 
> is what the usernames of your other users are. Since the root account 
> password is locked, this attack becomes essentially meaningless, since 
> there is no password to crack or guess in the first place.
> [::end clip::]
> Well.. OK. I am subverting this by creating a root passwd?  However, if 
> they crack my username (which shouldn't be that difficult, that isn't 
> encrypted) AND my weaker user passwd then they crack my sudo anyway?  As 
> I have explained, my root passwd is stronger and I am more careful with 
> it.. so basically I think I was aware of this at least intuitively, and 
> it seems meaningless to me.
> [:: RootSudo clip ::]
> sudo adds a log entry of the command(s) run (in /var/log/auth.log). If 
> you mess up, you can always go back and see what commands were run. It 
> is also nice for auditing.
> [:: end clip ::]
> Nice to know, and I should probably start doing the logs I have been 
> doing in /var/log instead of /root/apt-get like I have been doing?  
> Again, it seems to me I can float my boat and do it my own way.  
> Realizing I have logs in /root/apt-get is better than not realizing the 
> /var/log/auth.log exists.
> I'm basically looking for justification that using sudo is not essential 
> and it should be OK for me to carry on the way I have been doing it.
>  > > ~SpaceGhost >
>>> -- 
>>> ubuntu-users mailing list
>>> ubuntu-users at
>>> Modify settings or unsubscribe at: 
>> -- 
>> ubuntu-users mailing list
>> ubuntu-users at
>> Modify settings or unsubscribe at: 
> *----------------------------------------------------------*
>   Kayven Riese, BSCS, MS (Physiology and Biophysics)
>   (415) 902 5513 cellular
>   Webmaster
> *----------------------------------------------------------*

	The key thing you seem to miss is what I have. I have zero 
root password. They can try anything they want and no joy!
	I have the password I use with sudo when I need temporary 
root and it is a good password. Machine code crackers can get 
it over time. Mine is hard enough I will be aware of the 
attempt via the log or the noise or both and turn off my computer!

73 Karl


	Karl F. Larsen, AKA K5DI
	Linux User
         Key ID = 3951B48D

More information about the ubuntu-users mailing list