Tips for managing your root and user passwords |
|
There is more than way to become the superuser (root):
log in as root At the login screen, type root as the username and then enter your root password do something only root can do If you're logged in as a regular user, and you need to do something that requires superuser permissions, you'll be prompted to enter the root password. su to root If you're logged in as a regular user, you can su to root in a terminal window. First, open the window (Applications->System Tools->Terminal), then type: |
$ su
Password: (type the root password)
|
|
PLEASE NOTE: since the superuser has sufficient permissions to do anything, including damage your filesystem, you should not do anything when logged in as root unless it is absolutely necessary. In other words, don't log in as root to type and print a document.
|
|
|
Here are some guidelines on choosing a good password and keeping it safe.
|
| Do |
Don't |
| use 8 or more characters |
use a word that's found in the dictionary |
| substitute symbols or numbers for letters (e.g. - instead of 'frogcroak', use 'fr0gcr0@k') |
choose something about you that's easily guessed (e.g. - if you really like frogs, don't use the word 'frog') |
| change it once in a while |
email your password to anyone, ever |
| if it's something you won't remember, write it down and store it someplace safe |
give it to someone unless absolutely necessary |
|
|
If you must write down your passwords, store them somewhere safe. The best password in the world is useless if someone else knows where you store it.
|
|
|
There are two ways to change the root password:
|
|
command line: Open a terminal window, su to root, and type:
|
$ passwd
Changing password for user root.
New password: (type the new password)
Retype new password: (type it again)
passwd: all authentication tokens updated successfully.
|
|
use the 'change password' utility:
- Log into your computer using any account.
- Click on System->Administration->Root Password
- Provide the current root password
- Type the new root password, and again to confirm it.
- Write it down, or use one you won't easily forget
|
|
If you've forgotten your root password, you need to boot into Single User Mode:
- Shut down and restart your computer.
- Press the spacebar when the GRUB screen appears.
- If there's more than one kernel listed, highlighting the one you want to boot to by pressing the up or down arrow keys.
- Press 'e' to edit the command before booting.
- Highlight the line that begins with "kernel..."
- Press 'e' to edit the line.
- Add the word 'single' to the end of the line.
- Press enter.
- Press 'b' to boot using the new kernel command.
- Wait for the computer to boot up. In single-user mode, you won't see the normal login screen. Instead you'll see the command line, or shell, prompt. Type:
|
# passwd
Changing password for user root.
New password: (type the new password)
Retype new password: (type it again)
passwd: all authentication tokens updated successfully.
# exit
|
|
Typing exit at the last shell prompt will start the computer in normal user mode and display the login screen.
|
|
|
There are two ways to add and change users:
|
|
command line: Open a terminal window, su to root, and type:
|
$ /usr/sbin/useradd (user or login name)
|
|
There are several command line switches that can be used as well. Read the man page for the useradd command for more information.
|
|
$ man useradd
|
|
use the 'users and groups' utility:
- Log into your computer using any account.
- Click on System->Administration->Users and Groups
- When prompted, provide the root password
- Click Add User
- Fill out the 'Create New User' form and click Ok
|
|
Existing users can be edited by highlighting the user in the list and clicking Properties.
|
|
|
If your root password is stolen or otherwise discovered by someone you don't wish to give superuser privileges to, you need to take immediate action to determine if they've compromised your system. If necessary, try to fix any damage that may have been caused.
Ask them. If the thief is someone you know and can talk to, ask them what they've done. It could be they stole it only to use later, but haven't done anything yet. Of course, you must determine if you can really trust what they've told you is the truth. Remove their access. If the thief is a user who has an account on the machine, consider disabling or deleting their account. Also, you should change your root password immediately. Use a check-root utility. There are check-root kits available that can be used to determine if the thief has compromised your system in such a way that you'll need to reinstall some programs. A good start is to do a google search on check-root kits. Disconnect from the network. If your compromised system is connected to a network or to the Internet, you should consider physically disconnecting it until you're able to fix it or determine that no damage was done. This means you'll need to unplug the network cable from the back of the computer and make it unavailable for use.
|
|
