Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Kubuntu User (http://www.linux-archive.org/kubuntu-user/)
-   -   Root password security (http://www.linux-archive.org/kubuntu-user/38762-root-password-security.html)

"O. Sinclair" 01-16-2008 08:55 AM
Root password security
 
The way Kubuntu is set up it is fairly easy for a user to boot up in
"rescue mode" and gain full access to the computer as root user from
command prompt. I don't really like this. If I set a password for root
will it have any impact on "sudo" functionality?

Sinclair

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users

cary Bielenberg 01-16-2008 09:15 AM
Root password security
 
O. Sinclair wrote:
> The way Kubuntu is set up it is fairly easy for a user to boot up in
> "rescue mode" and gain full access to the computer as root user from
> command prompt. I don't really like this. If I set a password for root
> will it have any impact on "sudo" functionality?
>
> Sinclair
>
>
No, with the exception of the last week when adept wanted the root
password instead of sudo you normally don't use it. I activate it on my
ubuntu servers as a standard, I activate the root password when I'm
using cli upgrades etc. You could (most people do) survive without ever
activating the root password.


Cary


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users

Derek Broughton 01-16-2008 04:50 PM
Root password security
 
O. Sinclair wrote:

> The way Kubuntu is set up it is fairly easy for a user to boot up in
> "rescue mode" and gain full access to the computer as root user from
> command prompt. I don't really like this. If I set a password for root
> will it have any impact on "sudo" functionality?

No. How would you propose preventing a user booting in "rescue mode"?
Every Linux does that. afaik, your only option is to put a password in
grub.
--
derek


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users

"O. Sinclair" 01-16-2008 05:25 PM
Root password security
 
Derek Broughton wrote:
> O. Sinclair wrote:
>
>> The way Kubuntu is set up it is fairly easy for a user to boot up in
>> "rescue mode" and gain full access to the computer as root user from
>> command prompt. I don't really like this. If I set a password for root
>> will it have any impact on "sudo" functionality?
>
> No. How would you propose preventing a user booting in "rescue mode"?
> Every Linux does that. afaik, your only option is to put a password in
> grub.
I don't want to remove the option - I want a password request on it, you
know like "username:" followed by "password:". I generally do not like
the idea of my computer being open to access by anyone who gets their
hands on it. So I figured that if I booted into "rescue" (I hope we mean
the same) mode and set a password I would be asked for that next time.
But wanted to make sure I don't get headaches from my normal login.

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users

Colin Pinkney 01-16-2008 05:41 PM
Root password security
 
On Wednesday 16 Jan 2008, O. Sinclair wrote:
> [snip] ...I generally do not like
> the idea of my computer being open to access by anyone who gets their
> hands on it. So I figured that if I booted into "rescue" (I hope we mean
> the same) mode and set a password I would be asked for that next time.

If someone has physical access to your PC any security like this is pointless
as they could boot from a CD or USB stick, bypassing GRUB altogether and then
have full access to your hard drive. Or they could pull the hard drive out of
the PC and connect it to another PC as a secondary drive and access it all.
About the only way to stop any of this completely is to encrypt your hard
drive.

Anyway, the howto for what you want is here:

http://ubuntuforums.org/showthread.php?t=7353

--
Colin Pinkney
http://www.cpinkney.org.uk

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users

"O. Sinclair" 01-16-2008 06:55 PM
Root password security
 
Colin Pinkney wrote:
> On Wednesday 16 Jan 2008, O. Sinclair wrote:
>> [snip] ...I generally do not like
>> the idea of my computer being open to access by anyone who gets their
>> hands on it. So I figured that if I booted into "rescue" (I hope we mean
>> the same) mode and set a password I would be asked for that next time.
>
> If someone has physical access to your PC any security like this is pointless
> as they could boot from a CD or USB stick, bypassing GRUB altogether and then
> have full access to your hard drive. Or they could pull the hard drive out of
> the PC and connect it to another PC as a secondary drive and access it all.
> About the only way to stop any of this completely is to encrypt your hard
> drive.
>
> Anyway, the howto for what you want is here:
>
> http://ubuntuforums.org/showthread.php?t=7353
>
that was a bit over the top for me. I logged in to rescue mode and typed
"passwd", set a password. Now when I choose Rescue login I get a query
"type password or press CTRL+D to continue". If I type no password it
continues to "normal" boot.

I know there are ways around everything but I like this better than no
password at all.

Sinclair

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users


All times are GMT. The time now is 06:00 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.