aioshin Posted May 7, 2005 Report Share Posted May 7, 2005 (edited) i' d just tried installing ubunto, well, by just following some instructions, I able to finish the installation, though I got an error on the last part, but it still boot thru console... the error was maybe due to my crdom drive, anyway, I was able to login as user but.... I dont know what was happen, and I remember that I entered my common root password during the install but now, i cant login as root... i can login as user but trying su wont do also, it wont accept my root passwd... is there a way to bypass it,??? or maybe I should now reinstall it again. Im only able to go to cli, havent gone to X yet, when trying startx, there are some errors, but how could I fix that if I dont even able to login as root Edited May 9, 2005 by aioshin Quote Link to comment Share on other sites More sharing options...
bvc Posted May 7, 2005 Report Share Posted May 7, 2005 ubuntu uses sudo the first user made at install can use it sudo <command> examples; sudo reboot sudo apt-get install <pkg_name> sudo vi /etc/X11/xorg.conf Quote Link to comment Share on other sites More sharing options...
scarecrow Posted May 7, 2005 Report Share Posted May 7, 2005 Ubuntu doesn't create a root account by default (and it seems it's not wise to create one afterwards, either!), while the sudo password is the first user one. Quote Link to comment Share on other sites More sharing options...
tyme Posted May 7, 2005 Report Share Posted May 7, 2005 Ubuntu doesn't create a root account by default (and it seems it's not wise to create one afterwards, either!), while the sudo password is the first user one. <{POST_SNAPBACK}> There's always a root account, it's a requirement for any *nix system. What it does is not allow you to login to that account, you have to sudo too it. A simple look at /etc/passwd will show you that the root account exists. You can enable it for regular use (although there's no real need to - they have it all set up well) simply by giving it a password. Quote Link to comment Share on other sites More sharing options...
arctic Posted May 7, 2005 Report Share Posted May 7, 2005 (edited) one of the odd things is that you will be asked to create a root account and a user account if you head for advanced/expert install mode. and if you use the same password for root and first user then, your system will go nuts from time to time.... Edited May 7, 2005 by arctic Quote Link to comment Share on other sites More sharing options...
bvc Posted May 7, 2005 Report Share Posted May 7, 2005 I only did the sudo thing for a few days (or less) before creating an using the root account. I've had this install since warty-beta without any problems. /etc/sudoers # User privilege specificationroot ALL=(ALL) ALL # Added by Ubuntu installer bvc ALL=(ALL) ALL Quote Link to comment Share on other sites More sharing options...
aioshin Posted May 9, 2005 Author Report Share Posted May 9, 2005 (edited) thanks really for all the reply, especially the sudo thing, you are all right about it, it was me that had been lost anyway, not my root passwd, did'nt realize that I should RTFM before installing it... thanks btw, I'm just trying it, and no plans to replace MDV Edited May 9, 2005 by aioshin Quote Link to comment Share on other sites More sharing options...
Jet2k5 Posted May 9, 2005 Report Share Posted May 9, 2005 I have bought " Hacking Linux Exposed 2nd Edition" and it shows all the Linux security secrets. From reading the first chapter about 4 times ( a method I use to make sure I remeber every single word in the chapter, before moving on ), Since I use ubuntu, I have sudo too, but I don't think it's too safe. The first reason is that the password for the sudo is the same as the user. So if some cracker gets your user password he also has access to the root accout ( since both passwords are the same) I've found a neat thing that crackers use to exploit passwords. One is when you log on ( gdm or kdm ) you sometimes type the password instead of the user name. So when someone greps a line in some file that I can't remember, it shows a 'FAILED LOGIN' and it usually shows your username, but in this case it shows the password. I found that neat. It's a cool way to know somones password. So I'm thinking that having sudo is not that great, because if a cracker gets the user password then the root account is vanerable and exploited. I'm I wrong, or right? I'm thinking about creating a root account, sure for safety checks. I've been able to understand a crap load form 1 chapter. Highly recommend the book to all of you out there. -Luis Quote Link to comment Share on other sites More sharing options...
bvc Posted May 9, 2005 Report Share Posted May 9, 2005 (edited) yes sudo is weak and for non unix rooter's root must be compromised to cause damage and sudo adds to that possibility. Sudo does nothing for a one user desktop that su can not. If you can not point out otherswise, there's no point in giving your personal opinion that contradicts the basic fundamental concepts to the unix sys. Sudo is only good for multiuser systems where root wants an easy way to distribute root privy's to another, or other, users. That is all. Doing so decreases the security of any linux sys. Common sense. Edited May 11, 2005 by bvc Quote Link to comment Share on other sites More sharing options...
jlc Posted May 10, 2005 Report Share Posted May 10, 2005 (edited) I wouldn't use this my self ALL=(ALL) ALL Except I understand why some people would use this on a desktop box. Edited May 11, 2005 by cybrjackle Quote Link to comment Share on other sites More sharing options...
Artificial Intelligence Posted May 10, 2005 Report Share Posted May 10, 2005 The first reason is that the password for the sudo is the same as the user. So if some cracker gets your user password he also has access to the root accout ( since both passwords are the same) I've found a neat thing that crackers use to exploit passwords. One is when you log on ( gdm or kdm ) you sometimes type the password instead of the user name. So when someone greps a line in some file that I can't remember, it shows a 'FAILED LOGIN' and it usually shows your username, but in this case it shows the password. -Luis <{POST_SNAPBACK}> I way to avoid this is to have all the username displayed, then you can doubleclick your username and thereafter write your password. Though I've never wrote password in the wrong place....must be in a hurry situation Quote Link to comment Share on other sites More sharing options...
jlc Posted May 10, 2005 Report Share Posted May 10, 2005 (edited) Here are some examples of stuff I do with sudo # User alias specification User_Alias YUM_FULL=justin User_Alias MOUNT_DRIVES=justin User_Alias UMOUNT_DRIVES=justin User_Alias SHUT_DOWN=justin User_Alias LOAD_NVIDIA=justin #User_Alias WOOT_ME=justin # Cmnd alias specification Cmnd_Alias YUM=/usr/bin/yum * Cmnd_Alias MOUNT=/bin/mount /media/* Cmnd_Alias UMOUNT=/bin/umount /media/* Cmnd_Alias SHUTDOWN=/sbin/shutdown -h now Cmnd_Alias NVIDIA=/bin/sh /home/justin/src/NVIDIA-Linux-x86-1.0-7174-pkg1.run #Cmnd_Alias GIVE_IT_UP=/usr/bin/system-config-rootpassword # User privilege specification root ALL=(ALL) ALL YUM_FULL ALL=(ALL) YUM MOUNT_DRIVES ALL=(ALL) MOUNT UMOUNT_DRIVES ALL=(ALL) UMOUNT SHUT_DOWN ALL=(ALL) SHUTDOWN LOAD_NVIDIA ALL=(ALL) NVIDIA #WOOT_ME ALL=(ALL) GIVE_IT_UP Edited May 11, 2005 by cybrjackle Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.