Linux Mint Forums

[mrappe]

I just installed Mint 13. What is the default root password. I would like to set it to something that I know. Since I have been working with root like privlidges since 1976 on various OS s including Unix and not wiped out anything and this is my home PC I would like to have it available if I need it. i am fully aware of su su - and sudo

Thank You
Mike

[ardchoille]

I just installed Mint 13. What is the default root password. I would like to set it to something that I know. Since I have been working with root like privlidges since 1976 on various OS s including Unix and not wiped out anything and this is my home PC I would like to have it available if I need it. i am fully aware of su su - and sudo

Thank You
Mike

The root account is locked, nobody can log into it.. including the administrator. This is a good thing because everyone knows a linux box has a root account and they know the username, so all they have to do is try and guess the password. If the account is locked then guessing the password isn't an option so it's much harder to brute force. I realize you have been working with unix systems for a while but the best thing you can do is to leave the root account locked and use sudo from your user account, it's a nice security measure. I have been working on Linux systems for over a decade and my experience is that the sudo model is much more secure.. and I haven't seen the need to log into the root account since 2005.

[mrappe]

Thanks for the concern but I just unlocked it and set the password. i will probably lock the account back until I feel like using it (the account) again but since it is my own machine I don't care to have Microsoft or some Linux committee telling me what I can or cannot or should not do with my own system especially since I was on Tymnet and the Arpanet before most of them were born. I am not pointing the finger ant any one here but just the trend of treating everyone as if they are incapable of being responsible for their own decisions. Just like the instructions for my electric drill that has 300 pages of warnings on not to take a bath with it a 1 page on how to use it. For most users it is probably a good thing not to automatically enable the root account but it is silly to pretend it does not exist.

Mike

[ardchoille]

Thanks for the concern but I just unlocked it and set the password. i will probably lock the account back until I feel like using it (the account) again but since it is my own machine I don't care to have Microsoft or some Linux committee telling me what I can or cannot or should not do with my own system especially since I was on Tymnet and the Arpanet before most of them were born. I am not pointing the finger ant any one here but just the trend of treating everyone as if they are incapable of being responsible for their own decisions. Just like the instructions for my electric drill that has 300 pages of warnings on not to take a bath with it a 1 page on how to use it. For most users it is probably a good thing not to automatically enable the root account but it is silly to pretend it does not exist.

Mike

You're looking at it the wrong way. You see it as someone trying to tell you how to use your machine. You should be looking at it as someone showing you a better way. When you unlocked your root account you made your system more vulnerable, that's what happens when a person thinks he knows everything and refuses to listen to others. I know your root account username so all I have to do is guess the password for that account and I'm in. On the other hand you know the username for my root account but mine is locked so even if you guessed the correct password you couldn't log in. There is no reason to log into the root account because everything you need to do can be done using sudo from a user account. If there is no need to log into the root account, why leave it vulnerable by leaving it unlocked?

Being on this planet longer than someone else means absolutely nothing if your mind isn't open and willing to learn from others regardless of their age.

[mrappe]

I do see your point and I do not want to sound like a know it all. I did say that I wanted to set the password and then lock the account. Also, this system is something for me to play with and learn about so if it gets hacked it will just get reloaded or I will try another flavor of Linux. Also, it is only booted up when I am actually logged on and using it so the chances of a brute force break in are fairly slim with strong passwords. Thanks for your insights though.

Mike

[brainout]

Thanks for the concern but I just unlocked it and set the password. i will probably lock the account back until I feel like using it (the account) again but since it is my own machine I don't care to have Microsoft or some Linux committee telling me what I can or cannot or should not do with my own system especially since I was on Tymnet and the Arpanet before most of them were born. I am not pointing the finger ant any one here but just the trend of treating everyone as if they are incapable of being responsible for their own decisions. Just like the instructions for my electric drill that has 300 pages of warnings on not to take a bath with it a 1 page on how to use it. For most users it is probably a good thing not to automatically enable the root account but it is silly to pretend it does not exist.

Mike

AMEN! You say that so well, I put your post in PC World Forums, here: http://forums.pcworld.com/index.php?/topic/152246-linux-tyranny/page__view__findpost__p__679417.

It is not 'a better way' to be blocked from the freedom of using one's own computer, to be unable to see files or change them; to be unable to copy the same settings in one file to another. Open Source means open to the user. Next thing you know, we won't be allowed to use steak knives because we might cut ourselves.

[russellz]

The root account is locked, nobody can log into it.. including the administrator. This is a good thing because everyone knows a linux box has a root account and they know the username, so all they have to do is try and guess the password. If the account is locked then guessing the password isn't an option so it's much harder to brute force. I realize you have been working with unix systems for a while but the best thing you can do is to leave the root account locked and use sudo from your user account, it's a nice security measure. I have been working on Linux systems for over a decade and my experience is that the sudo model is much more secure.. and I haven't seen the need to log into the root account since 2005.

I think this is just a matter of opinion. An opposing view is given here: http://www.pclinuxos.com/forum/index.php/topic,90479.0.html
Take your pick.

Russell