Root password same as user account

ka9yhd · 2012-05-17 19:31:27

Hello:
I have just finished installing CrunchBang 64 bit stable and during the install I was never asked to enter a "root" password. I was asked to create a user account and user password.
I have just discovered by using synaptic for updates that my "root" password is the same as my user password.
How do I change the "root" password?

gurtid · 2012-05-17 19:48:20

try in terminal

sudo passwd root

CBizgreat! · 2012-05-17 20:00:40

I mean guess it's all about choice or preference ... whichever. You can have #! your way obviously. Not sure why root account is such a nagging problem for folks using #! though. Since there are a bunch of ways to become root w/o having a seperate acct for it or needing a diff pw. Sure people could have reasons why they'd want it setup that way. Several users, using the OS perhaps ? Still if you give them the sudo password for your user acct, they'd have the run of the system anyway ... pretty much. Unless you've done this, that ... buncha other stuff limiting that users sudo privileges.

Couple really easy ways to become root in #!. Open terminal type "sudo su" enter your pw, or "sudo -i", enter password. Then type exit when done doing whatever or x out of terminal, to get back to normal user acct. So only saying, not sure what benefit having a seperate root acct would be, w or w/o a diff pw for it. Pointless 2 babbling cents on topic.

(CB) tongue

Last edited by CBizgreat! (2012-05-17 20:02:45)

ka9yhd · 2012-05-17 20:10:37

I guess I am still used to other Linux distros where I am asked to enter a root password then asked to create a user account.
I guess it is ok since I am the only one using this laptop.
I thought it was added security.

snowpine · 2012-05-17 20:15:33

ka9yhd wrote:

I guess I am still used to other Linux distros where I am asked to enter a root password then asked to create a user account.
I guess it is ok since I am the only one using this laptop.
I thought it was added security.

The assumption is that, after installing #!, the user will spend some time customizing it to his/her tastes, and security will be part of that process.

#! was originally Ubuntu-based and so it uses the Ubuntu-style "sudo" by default. There are numerous pros and cons to sudo vs. root password; the choice really comes down to personal preference and/or business requirements.

CBizgreat! · 2012-05-17 21:03:48

Nothing wrong w either/or imo. However you prefer is the right way to setup your pc ... right ? Guess the big diff would be setting an uber secure passwd for sudo user or root either way. Which o course, I don't do, want a pw that's easy to remember and type out. Cuz am lazy, would be the main reason here. See the whole thing as tomatoe/tomotoe kinda issue.

One of those nobodies right, nobody wrong ... All about preference gnu/Linux deals. About only time would think somebody was doing it wrong imo. Would be if they'd setup their os's to always be root, no password at all. Which guess still wouldn't make them WRONG ( unwise perhaps). Would mean they'd be going against common nix security wisdom and their pc would be less secure as a result for sure.

Just having a seperate root(sudo) acct that requires a password to do stuff puts gnu/Linux far ahead of window$ by way of security. Most M$ products ( and users) never bother setting up a seperate admin acct, so are pretty much always root. Thus one of many reasons M$ is apt to run into sec problems so often. But then this is pointless, everybody likely already knows that anyway.

Would use "sudo su" w #!, when feeling like being root. If only cuz that's the approach Corenominal advised in a recent post on root acct vs sudo. Either way, you aren't doing it wrong, only doing it your way. Nothing wrong w that. wink

End babble:

Last edited by CBizgreat! (2012-05-17 21:08:00)

ivanovnegro · 2012-05-17 21:07:18

CBizgreat! wrote:

...not sure what benefit having a seperate root acct would be, w or w/o a diff pw for it. Pointless 2 babbling cents on topic.

(CB)

Normally sudo will just do it. But if you use Sid as an example, sudo could break at some point, happpened some months ago, than it is cool to have your root account.

So, @OP, if you want it, just enable it as mentioned by @gurtid.

CBizgreat! · 2012-05-17 21:10:17

^ Thanks Ivan ... hadn't thought of anything like that (wouldn't have either). Do have both root and a sudo user here. But will keep that in mind either way. Yet another good tip. (CB) smile

Babbling edit: Kinda related ... another excellent tip from one of the other knowledgeable #! crowd. When everything goes wrong, Xaos's handy how to on chroot.

Last edited by CBizgreat! (2012-05-17 21:33:27)

Rudolph · 2012-05-17 21:59:09

ka9yhd wrote:

I have just discovered by using synaptic for updates that my "root" password is the same as my user password.

Just wanna point out that root has no password at all, post-install. When you fire up Synaptic it first runs gksudo to authenticate. When using sudo and gksudo you're entering your own password to prove you're you, not root's password to prove you're root.

With no password the root user cannot log in at all. Only sudo/gksudo works. Su doesn't even work, unless invoked as 'sudo su'. I guess in theory that's more secure than having root be a password-compromise-able account. As long as your sudo user's password is a good one.

If you do add a root password, and if you're running sshd, make sure that /etc/ssh/sshd_config contains "PermitRootLogin no" so the root account still can't be used to login remotely.

CBizgreat! · 2012-05-18 00:17:23

^ Thanks him too,

Having gotten into ( more like trying) web server admin in gnu/nix. Gather that's a good move whenever running a server on whatever. Disable root login via SSH, could be wrong in that too, but makes sense. Disable that puppy and login as a normal user, then do whatever pleases ya from there ? Fortunately root has a pw set for me. But definitely a welcome piece of info to learn, if sometimes it isn't setup that way default for sure.

(CB) smile

Edit ... had one of those many DOH ! moments, if there is no root acct, can't login to the sucker w SSH anyway, if there is, then you've set a pw for it anyway. Still thanks nonetheless and still from what I understand disabling root login via SSH is good juju in server admin type stuff.

Last edited by CBizgreat! (2012-05-20 03:50:17)

Anakinholland · 2012-05-18 15:36:19

Personally, I do not use root, but "sudo -i" if I need it.

Because I did use it before, I used some password-generator website to generate a password with 20+ characters with the hardest options, set it for root and instantly forgotten al about it. Obscurity by forgetfulness smile

If I really need root and I'm fubar-ed, I'll boot into single user mode and set it there.

If the server is on a remote location and you have access though... Yeah, can imagine.

Last edited by Anakinholland (2012-05-18 15:38:31)

VastOne · 2012-05-18 17:00:25

ivanovnegro wrote:

Normally sudo will just do it. But if you use Sid as an example, sudo could break at some point, happpened some months ago, than it is cool to have your root account.

Not only cool, but a system saver... I recall that I had to reinstall before the sudo fix came through..(or when I found it anyway)

Never again would I be without a root account after that

el_koraco · 2012-05-18 17:06:05

Anakinholland wrote:

If I really need root and I'm fubar-ed, I'll boot into single user mode and set it there.

You'll need the root password for single user mode. You can get around this by adding init=/bin/sh to the kernel command line at the Grub prompt, but you can also:

sudo passwd root

and change it big_smile

ivanovnegro · 2012-05-18 17:22:36

VastOne wrote:

Not only cool, but a system saver... I recall that I had to reinstall before the sudo fix came through..(or when I found it anyway)
Never again would I be without a root account after that

Correct, cool was a bit underestimated. cool

CrunchBang Linux

SEARCH

#1 2012-05-17 19:31:27

Root password same as user account

#2 2012-05-17 19:48:20

Re: Root password same as user account

#3 2012-05-17 20:00:40

Re: Root password same as user account

#4 2012-05-17 20:10:37

Re: Root password same as user account

#5 2012-05-17 20:15:33

Re: Root password same as user account

#6 2012-05-17 21:03:48

Re: Root password same as user account

#7 2012-05-17 21:07:18

Re: Root password same as user account

#8 2012-05-17 21:10:17

Re: Root password same as user account

#9 2012-05-17 21:59:09

Re: Root password same as user account

#10 2012-05-18 00:17:23

Re: Root password same as user account

#11 2012-05-18 15:36:19

Re: Root password same as user account

#12 2012-05-18 17:00:25

Re: Root password same as user account

#13 2012-05-18 17:06:05

Re: Root password same as user account

#14 2012-05-18 17:22:36

Re: Root password same as user account

Board footer