[Ubuntu] about using the root account to log on

 

(The verification environment is Ubuntu 14.04 and lubuntu 13.04)

Ubuntu maintainers think that there is really no need to use the root account, because the administrator can do everything you want, And the Administrator only needs to use the sudo command.

 

However, if you do not want to enter sudo every time or insist on using the root account to do something, you 'd better choose to simulate root login by starting a shell. The specific operation is to use the following sudo command:

$ sudo -i

 

This command starts a shell to act as the Login Shell of the target account (Root). That is to say, the login resource file of the target account (Root), such as. Profile, will be preloaded.

 

You can also run the following command:

$ sudo -s

 

Unlike Sudo-I, the shell started by Sudo-S does not load the root environment variable, but uses the current shell environment variable.

 

In the initial state of ubuntu, no password is set for the root account. If you really want to log on with the root account, you can set a login password for it:

$ sudo passwd rootEnter new UNIX password: Retype new UNIX password: passwd: password updated successfully

 

Then you can use the new password to log on to the root account. Using the root account brings risks. Ubuntu maintainers recommend that you do not use the root account unless necessary.

 

You can use the following command to lock the root password to prevent Logon:

$ sudo passwd -l root

 

Unlock the root password and log on:

$ sudo passwd -u root

 

In addition, you can also delete and lock the password for Logon:

$ sudo passwd -dl root

 

Reset sudo timeout, force the next time you use sudo, you must re-enter the password:

$ sudo -k

 

Is sudo less secure than Su?

The basic security mode is the same, so the risks are the same. Any account that can use Su or sudo must be a user with a special license. If the user's account is hacked, the hacker can obtain the root permission like the user does. Therefore, the user's account is a vulnerable part of the security chain and must be valued and protected like the root account.

 

In addition, the features of sudo encourage different work habits, which has a positive impact on system security. Sudo is usually used to execute a single command, while Su is usually used to start a shell and execute multiple commands. Sudo can prevent the risks caused by accidentally disabling the root shell, and promote users to use as few root permissions as possible.

 

Appendix:

1. More About The sudo command

2. More about Ubuntu rootsudo

[Ubuntu] about using the root account to log on