Renaming root users causes problems!

Stephen Shaw sshaw at decriptor.com
Sat Mar 26 10:55:38 MST 2005


another measure would be to make sure your not using des or 3des.  Maybe 
use md5 or even blowfish.  and make sure you have a decent password.  I 
played with changing the root name as well and getting rid of it and 
creating a user with an uid of less than 10.   Less than 10 means that 
you have the same level of privs as root if I remember right.
I'd recommend
better encryption
better password
disable root ssh login - if you disable and someone breaks in you will 
be able to tell through which user they broke in.

-Stephen



Corey Edwards wrote:

>On Sat, 2005-03-26 at 08:17, Kenneth Burgener wrote:
>  
>
>>I had heard that one security measure you can do for your Linux machine 
>>is rename the root username.  The system booted fine, but I found that 
>>several services (including xinetd, and iptables) require the root user 
>>to be named root.  Is there a way around this, or is it not a good idea 
>>to rename the root user.
>>    
>>
>
>I personally don't see much point in it. Disable root ssh login if
>you're paranoid. SELinux would probably be a better route to limit what
>root can actually do. It's not a trivial task.
>
>  
>
>>I have a second question.  When I realized that there were problems I 
>>went back and renamed the root user back to root in the /etc/passwd and 
>>/etc/group, but I forgot to fix it in /etc/shadow.  So my next question 
>>is how do you recover from that?  I assumed that it would just list my 
>>password as blank, but this didn't work.  Any suggestion on fixing this? 
>>  How can you reset the root password?  I had heard in earlier threads 
>>about booting to "single" user mode.  I tried that but it prompts me for 
>>the "root password for maintenance".
>>    
>>
>
>Add the boot option "init=/bin/sh" in grub. That will skirt the whole
>boot up process and dump you to a root shell. You may need to remount
>the / filesystem with "mount -o remount,rw /". Edit /etc/shadow and
>save. Since you didn't start /sbin/init, you can't shutdown. Instead,
>remount / ro again to flush any changes and hit the power button.
>
>Corey
>
>  
>
>------------------------------------------------------------------------
>
>.===================================.
>| This has been a P.L.U.G. mailing. |
>|      Don't Fear the Penguin.      |
>|  IRC: #utah at irc.freenode.net   |
>`==================================='
>



More information about the PLUG mailing list