Renaming root users causes problems!
Corey Edwards
tensai at zmonkey.org
Sat Mar 26 09:19:53 MST 2005
On Sat, 2005-03-26 at 08:17, Kenneth Burgener wrote:
> I had heard that one security measure you can do for your Linux machine
> is rename the root username. The system booted fine, but I found that
> several services (including xinetd, and iptables) require the root user
> to be named root. Is there a way around this, or is it not a good idea
> to rename the root user.
I personally don't see much point in it. Disable root ssh login if
you're paranoid. SELinux would probably be a better route to limit what
root can actually do. It's not a trivial task.
> I have a second question. When I realized that there were problems I
> went back and renamed the root user back to root in the /etc/passwd and
> /etc/group, but I forgot to fix it in /etc/shadow. So my next question
> is how do you recover from that? I assumed that it would just list my
> password as blank, but this didn't work. Any suggestion on fixing this?
> How can you reset the root password? I had heard in earlier threads
> about booting to "single" user mode. I tried that but it prompts me for
> the "root password for maintenance".
Add the boot option "init=/bin/sh" in grub. That will skirt the whole
boot up process and dump you to a root shell. You may need to remount
the / filesystem with "mount -o remount,rw /". Edit /etc/shadow and
save. Since you didn't start /sbin/init, you can't shutdown. Instead,
remount / ro again to flush any changes and hit the power button.
Corey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20050326/e5c5649d/attachment.bin
More information about the PLUG
mailing list