Announcement

Collapse
No announcement yet.

Locked out

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Locked out

    Hi all,
    Today I updated my Kubuntu 12.04 installation to 12.10 and everything went smoothly but since I rebooted, I have been locked out since I only had the root account enabled on my installation and now the root account is not available in the login menu and I don't seem to be able to find a way to enter the username manually. I checked kdmrc with the guest account and allowrootlogin is still true but I'm not getting an option to log in using the root account in the login menu, any help would really be appreciated.
    Last edited by yaru; Oct 19, 2012, 02:37 PM.

    #2
    Kubuntu now uses lightdm by default, so you may need to configure that.

    I have to ask, is there any reason you only have the root account on your computer? It is not exactly the most secure way to use linux.

    Comment


      #3
      You can also switch to a TTY console and log in to your root account from there. Then I'd urge you to create a standard user account and log into that from now on.

      Comment


        #4
        Thanks for the replies. Judging by the fact that there are privilege escalation exploits available for practically every different linux kernel out in the wild (heck I have successfully tried some of them myself), I honestly don't find a non-root account any safer than the root account itself; using a non-root account will only add the burden of having to type sudo and retyping the password again and again. I'm also running Kubuntu in VMware, so security isn't exactly my concern. Considering the fact that there is pretty much nothing I can do with the guest account, I think I should boot with a live CD and modify some files or sth, any ideas as to what I should do from there?

        Edit: I think I found the answer, I should enable manual login in lightdm.conf...
        Last edited by yaru; Oct 19, 2012, 12:54 PM.

        Comment


          #5
          Originally posted by yaru View Post
          Thanks for the replies. Judging by the fact that there are privilege escalation exploits available for practically every different linux kernel out in the wild (heck I have successfully tried some of them myself), I honestly don't find a non-root account any safer than the root account itself;
          Security is applied in layers, removing layers reduces security... yes you can use privilege escalation, but that is one more step that must be taken to gain root access if you remove that step just because it 'could' be bypassed then you might as well remove all the other security layers and invite others into your system...

          It might not matter as much in a vm, but if you use bad security policies in a vm then they are going to spill over onto actual machines.

          There is also the fact that it is much easier to accdently delete something important, or clobber something if you always run as root then if you run as a normal user.

          Comment


            #6
            +1 James

            Not using the root account is the best protection against yourself.

            Please Read Me

            Comment


              #7
              I'm not removing that layer just because it can be bypassed, I'm removing it because it is a pretty weak security measure (someone who exploits an up-to-date linux machine most probably has the needed privilege escalation scripts too or else he is wasting his time) and its disadvantages overweight its advantages, especially for my usage. If anyone is really concerned about security, he/she should install a full-fledged firewall, such security layers can hardly make any difference.
              Anyway, adding "greeter-show-manual-login=true" to lightdm's config file doesn't seem to work as intended and the root account still doesn't show up so I ended up adding "autologin-user=root" to the config file, which, by the way, logs in to the OS as root without even asking for the password (apparently people don't even need exploits for privilege escalation anymore, a live cd is enough), removing lightdm and installing kdm instead.
              Last edited by yaru; Oct 19, 2012, 02:41 PM.

              Comment


                #8
                Originally posted by yaru View Post
                I'm not removing that layer just because it can be bypassed, I'm removing it because it is a pretty weak security measure (someone who exploits an up-to-date linux machine most probably has the needed privilege escalation scripts too or else he is wasting his time) and its disadvantages overweight its advantages, especially for my usage. If anyone is really concerned about security, he/she should install a full-fledged firewall, such security layers can hardly make any difference.
                Anyway, adding "greeter-show-manual-login=true" to lightdm's config file doesn't seem to work as intended and the root account still doesn't show up so I ended up adding "autologin-user=root" to the config file, which, by the way, logs in to the OS as root without even asking for the password (apparently people don't even need exploits for privilege escalation anymore, a live cd is enough), removing lightdm and installing kdm instead.
                You can do that with kdm as well... non encrypted security dosn't mean much if you have physical access to the box and an alternitive OS what you want most protection from is remote attacks.

                Comment


                  #9
                  Originally posted by oshunluvr View Post
                  Not using the root account is the best protection against yourself.
                  Yawp. I do remove UFW and Apparmor, and I also change sudo so that I don't need a password. But I do like to keep sudo around just so that I have to force myself to elevate to do admin-y stuff. I know that I can get to typing pretty fast, and a slip of rm -rfv /path/to/oh/shi could really be a bad thing!

                  Comment

                  Working...
                  X