Announcement

Collapse
No announcement yet.

Logging in as root on 21.10

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Logging in as root on 21.10

    I've always enabled logging in as root, and hadn't gotten around to that yet on my shiny new....new.....new.....laptop. When I referred back to my notes--which worked before--I found that, like so many other things from version to version, they no longer worked!

    So I used my friend Google and had it working in 2 minutes.

    Just wondering if anyone else around here does this, too? As an old-school UNIX, CLI-only person, I started with the ability to log in as root without jumping through hoops. It was just part of the OS, like any other user logging in. When various Linux distros took away this ability, I got it!! I understood the reasoning, i.e., they figured clueless windows users would shoot themselves in the foot doing things as root that they had no business--or knowledge--doing, so take the ability away and make them really work for it if they want it. But I thought it was really stupid for old-timers who know their way around and may have good reasons for wanting a pure root login--but, at least, for us it was possible to enable it. They've made it more and more hidden but it's still doable, so that's good.
    Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544


    #2
    I'm not a fan of sudo, mostly because my previous distros did not use it. That being said I never default log in as root because there is no need.

    Comment


      #3
      Originally posted by Fred47 View Post
      I'm not a fan of sudo, mostly because my previous distros did not use it.
      Me either! So I don't use it. I "su -" instead.

      That being said I never default log in as root because there is no need.
      In my experience, there has been.

      I don't remember which computer it was, but I had one that I so horribly screwed up my account on that I couldn't log in with it. root to the rescue! Logged in as root, fixed the offending problem, and back in business.

      Also, on one of my more recent laptops, I had a problem like I've written about for this one, with the splash screen I've chosen in settings not sticking. I had a vague recollection of fixing that last time by logging in as root, so yesterday, after getting that working, I logged in and repeated the steps I thought I did before...but, alas, my splash screen still doesn't stick. *sigh* FWIW, what I recalled doing last time was logging in as root and running System Settings--for some reason, this was different than running SS *as* root from a normal login. Then, in SS, I picked the splash screen I wanted, applied it, logged out, and there it was! Not so this time...
      Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

      Comment


        #4
        The last time I borked my pc was years ago. I spent a day fussing about and finally just wiped and load (of course I have a good backup) So logging in as root has little benefit for me

        Comment


          #5
          My understanding is that not allowing root login is primarily a security measure, rather than to protect against clueless use of the login. There are bots scanning the internet address space trying to login as root, and they get interested if they get asked for a password. Another scenario, perhaps more common these days, are bad guys pivoting from IOT devices that have been exposed to the internet; there are now, or soon will be, millions of such devices with weak security.

          If you want to run as root, you can use sudo -i . With a desktop environment, in normal use one is already logged in; would you want to end a session, or switch sessions, just to run as root?
          Regards, John Little

          Comment


            #6
            Originally posted by jlittle View Post
            My understanding is that not allowing root login is primarily a security measure, rather than to protect against clueless use of the login. There are bots scanning the internet address space trying to login as root, and they get interested if they get asked for a password. Another scenario, perhaps more common these days, are bad guys pivoting from IOT devices that have been exposed to the internet; there are now, or soon will be, millions of such devices with weak security.
            But any system will prompt for a password if 'root' is entered as the username--regardless of whether or not root logins are enabled. You know what I mean? Assume that you do *not* have root logins enabled. Log out, go to your login screen--the kind where you have to type in a username--put 'root' as the user, and see what happens. It prompts for a password, right?

            If you want to run as root, you can use sudo -i . With a desktop environment, in normal use one is already logged in; would you want to end a session, or switch sessions, just to run as root?
            I [rarely] use sudo -i but I'm not a big fan of it, or sudo in general. During a normal session, I want to remain logged in--that's why I use su - instead of logging out and back in as root. I generally have one Konsole tab open as root, and one or more other tabs as my regular user. The only times I physically log in as root are as described above, where I so hopelessly borked my account that I couldn't log in with it, or when a specific need arises, as described earlier when I fixed a splash screen issue that way. Other than that, I only use a real root login once every few months, just to satisfy my obsessive need to be sure it works. I don't want to find out the hard way that I *thought* I set it up but really didn't!
            Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

            Comment


              #7
              Originally posted by Fred47 View Post
              The last time I borked my pc was years ago. I spent a day fussing about and finally just wiped and load (of course I have a good backup) So logging in as root has little benefit for me
              When I did it, logging in as root and editing the offending file solved the problem in a minute--not a day plus a reinstall! But to each their own. Ah, the beauty of choice... Linux.
              Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

              Comment


                #8
                I agree with jlittle .
                Mostly I issue "sudo -i" and from that root console I use my CLI foo, or use mc, or run "/make_snapshots.sh", or do other maintenance work. I don't use "sudo somecommand" very often.
                "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                – John F. Kennedy, February 26, 1962.

                Comment


                  #9
                  Thinking about it, a lot of my aversion to root logins, or working with a root shell, comes from working in teams where I'd be something of a technical lead (mostly because I'd read documentation) with (cough, cough) uneven skills or experience, and seeing the screw ups coming from sloppy use of root (or other privileged logins). It's not so much that I didn't trust myself, more that I didn't trust others learning from my example. This is similar to helping people here at KFN; minimizing root use may be crucial example to someone. I'm not primarily thinking of other members; we don't know who search engines will direct to our posts.
                  Regards, John Little

                  Comment


                    #10
                    Originally posted by DoYouKubuntu View Post
                    But any system will prompt for a password if 'root' is entered as the username--regardless of whether or not root logins are enabled. You know what I mean? Assume that you do *not* have root logins enabled. Log out, go to your login screen--the kind where you have to type in a username--put 'root' as the user, and see what happens. It prompts for a password, right?
                    You are correct. This is also a security measure, the system will ask for a password whatever you enter as the username (otherwise it would be simple to deduce valid usernames by checking whether you get a password prompt). The security impact of an enabled root account comes mostly from the fact that most automated break-in tools brute-force only the "root" account for the simplicity (or possibly a few other common usernames such as "admin"...trying different usernames and passwords adds complexity very quickly). Network attacks are a numbers game, you attack millions of hosts and find the weak targets, you don't generally want to waste a lot of time or resources for specific targets.

                    Originally posted by DoYouKubuntu View Post
                    I [rarely] use sudo -i but I'm not a big fan of it, or sudo in general. During a normal session, I want to remain logged in--that's why I use su - instead of logging out and back in as root.
                    "sudo -i" and "su -" have no functional differences in this regard. The only functional difference where it would really matter (that I can think of) is starting dolphin as root...and that could be easily mitigated is by running "unset SUDO_USER" (which you could easily run automatically in /root/.bashrc, if you use bash, for example).

                    Originally posted by DoYouKubuntu View Post
                    Just wondering if anyone else around here does this, too? As an old-school UNIX, CLI-only person, I started with the ability to log in as root without jumping through hoops. It was just part of the OS, like any other user logging in. When various Linux distros took away this ability, I got it!!
                    sudo has been around since the 80s (it predates linux by roughly a decade). A lot of us UNIX "old-timers" are quite familiar with it and it's advantages.
                    Last edited by kubicle; Mar 10, 2022, 02:04 AM.

                    Comment


                      #11
                      Like Linux, it's all about personal choice kubicle!

                      I'd never heard of 'sudo' until I started using *buntu in 2005. If it was present in any OS I was using before that, I sure didn't know about it! I tried using it, but I just don't like it. For me, su - makes my life simpler and easier.

                      I understand your reasoning about root logins, and it makes perfect sense--for you. For me, other than *one* semi-mortal mistake as root--back in ~1987(?)--I learned my lesson and have *never* screwed up again. As root. Now, as a regular user, I've done everything you can imagine, from making my account unusable to hopelessly borking a brand new computer during setup. But root and its power/advantages, I respect like crazy and just don't screw up when using it.
                      Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                      Comment


                        #12
                        Originally posted by DoYouKubuntu View Post
                        Like Linux, it's all about personal choice kubicle!
                        I'm fine with that, you and everyone else can run their systems as they choose

                        Originally posted by DoYouKubuntu View Post
                        I'd never heard of 'sudo' until I started using *buntu in 2005. If it was present in any OS I was using before that, I sure didn't know about it!
                        It has been available long before that, though not necessarily installed by default or configured like it is in *buntus. Before *buntus (and MacOS), it's usage was more prevalent in multi-user and/or networked environments where it's security enhancements (like finer grained access control and logging of commands were more critical features).

                        Originally posted by DoYouKubuntu View Post
                        I tried using it, but I just don't like it. For me, su - makes my life simpler and easier.
                        That was what I was curious about. I was interested about the "I don't like it", which doesn't really say much. I wanted to know if there were specific reasons for not liking it or whether it was more like this is the way I am accustomed to.

                        Originally posted by DoYouKubuntu View Post
                        I understand your reasoning about root logins, and it makes perfect sense--for you. For me, other than *one* semi-mortal mistake as root--back in ~1987(?)--I learned my lesson and have *never* screwed up again. As root. Now, as a regular user, I've done everything you can imagine, from making my account unusable to hopelessly borking a brand new computer during setup. But root and its power/advantages, I respect like crazy and just don't screw up when using it.
                        The point I was trying to make that having the root account locked improves system security for most users, the reasoning behind it is not "prevent user's from shooting themselves in the foot with the root account"...user's are generally just as capable of doing that with sudo.

                        While this isn't "just my opinion", I didn't really mean that users who know what they are doing (like you) can't run their systems securely with the root account enabled. But we all know the majority of users really don't know what they are doing (although people who have found their way to linux are generally more competent than the general populace).
                        Last edited by kubicle; Mar 10, 2022, 10:42 PM.

                        Comment


                          #13
                          Originally posted by kubicle View Post
                          That was what I was curious about. I was interested about the "I don't like it", which doesn't really say much. I wanted to know if there were specific reasons for not liking it or whether it was more like this is the way I am accustomed to.
                          For me, it's a bit of both. su -, once issued in a terminal, lets me come back to it throughout the day without having to re-validate over and over again. With sudo you're limited (by time? by number of actions? I don't know--I haven't used it enough to know its finer points). But, yes, it's also what I'm used to. And like.

                          The point I was trying to make that having the root account locked improves system security for most users, the reasoning behind it is not "prevent user's from shooting themselves in the foot with the root account"...user's are generally just as capable of doing that with sudo.
                          I kind of disagree. Sure, a really determined person who's bent on screwing up their computer can do it with sudo, but I see a much greater likelihood of doing that when you're actually logged in as root. One typo, one errant command, one itsy-bitsy mistake can be catastrophic. And when you're logged in as root, it's easy to lose track of that fact! Like you get busy doing other stuff and really don't think about it. With sudo, you have to continually type its command and enter your password....this is a reminder that you're doing something serious.

                          While this isn't "just my opinion", I didn't really mean that users who know what they are doing (like you) can't run their systems securely with the root account enabled. But we all know the majority of users really don't know what they are doing (although people who have found their way to linux are generally more competent than the general populace).
                          When I started using *buntu, I was actually shocked that logging in as root was disabled by default. I'd never seen or heard of any *nix doing that--and I definitely didn't like it. My *nix route looks something like this: Tandy Xenix, SCO, Coherent, [several different Linux distros, including Red Hat], Kubuntu. I'm not aware of any of those disabling root logins other than [K]Ubuntu; if they did, I didn't know about it!
                          Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                          Comment


                            #14
                            Ubuntu 'disabling root login' by default is strictly a *buntu thing. Doing it goes against industry 'established norms' that nearly every other distribution of Linux adheres to -- I believe.
                            Windows no longer obstructs my view.
                            Using Kubuntu Linux since March 23, 2007.
                            "It is a capital mistake to theorize before one has data." - Sherlock Holmes

                            Comment


                              #15
                              Originally posted by Snowhog View Post
                              Ubuntu 'disabling root login' by default is strictly a *buntu thing. Doing it goes against industry 'established norms' that nearly every other distribution of Linux adheres to -- I believe.
                              That explains why I never saw it in any other distro I tried! Thanks. It also reinforces my thinking about their thinking regarding windows users, since Ubuntu is the #1 Linux distro and has the most windows converts. It makes sense that they'd proactively do something to limit potential damage done by windows 'experts' who think they're in control--despite the OSes being like apples and oranges!
                              Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                              Comment

                              Working...
                              X