I've enabled the root account on Ubuntu 9.10, however I want to stop it from being used to login via GDM. 9.10 seems to have a different GDM version, how can I carry this out under 9.10
View 9 RepliesI wanted to disable root logins in console, so I searched for that. I found that if I change root's bash to "/sbin/nologin" in "/etc/passwd", root user will not be able to login. So I did that. But when I wanted to use sudo command, it didn't show me root bash, but it only do the same thing as logging in as root in single user mode (shows message that this account is disabled). So, how I can disable root logins, but keep enabled sudo command for standard users?
View 6 Replies View RelatedI run ProFTPd with TLS authentication on my Debian Lenny server. My problem is that despite of the fact that my users connect chrooted, one of my friends had root privileges after logging in form a Macintosh and could browse the root directory, too.
View 1 Replies View RelatedI need to login as root, or at least get root privileges, in a cron triggered backup run. The straight way to do this would be the backup server making an ssh connection to the server to be backed up (this way because I want to avoid many servers being backed up in parallel and the backup server itself would be managing this diversity), via the rsync command which would be performing the backup's synchronization step.
I'm looking for alternatives to this in some form. I'd like to disallow direct root login to my ssh port (not 22One idea I have is to have the backup server initiate an ssh login as a non-root user, to either the actual source server, or to a server that can reach the source server ... and set up port forwarding. Over the forwarded port, then initiate the rsync that logs in as root via another port that allows direct root, but cannot be reached from the internet at all (because the border firewall doesn't include this port as allowed in).FYI, these logins will be using ssh keys, not passwords. I do need to keep ownership metadata for files being backed up, so this is why I am using root. Also, rsync is needed to get the incremental updates to keep bandwidth usage lower (otherwise I could just transfer a tarball each day).Anyone have any other ideas or comments, for security issues, based on experience doing things like this (backups, routine data replication, etc)?
I have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies View RelatedRemote root login is enabled. How do I disable this
View 14 Replies View Relatedi just installed linux mandriva 2009. i set password for root and created a user account. when i try to login as root, after logging out as user, it does not allow me and gives the error "root logins are not allowed". even it does not show the root account. if i try to go to root from konsole terminal using su root, it allows to enter as a root but when i try to start the GUI with startx it gives error.not sure what to do and why i can't see my account in GUI mode
View 5 Replies View RelatedI was trying to edit a file requiring root permissions, so I used sudo. I typed the root password and it failed. This happened three times, and the process was ended. I then logged in as root (su) and was able to navigate to the file and make changes as root. Am I missing something? How would I edit the sudoers file such that this password would work? Or is there another way to log in to the sudo group to make these changes? How do I set sudo passwords?
View 1 Replies View RelatedI enabled verbose logging and I am curious how to disable it.
View 1 Replies View Relatedhow to disable postfix logging? I can obviously set a macro to purget the logs but I am trying to reduce the IO of the logging altogether.
how to disable it?
Ive searched forums and read syslog dhcpd man pages, but cannot figure out how to completely disable dhcpd logging :S
View 6 Replies View RelatedMy objective is pretty simple: To have a variable within a bash script where I can switch between logging to file or screen.
Simple example of what I am trying to do:
Code:
So, as you can see, I have a variable which clears the log path if the user variable vLOG is not 'Y'. This should mean the user can run the script from the command line and view all the output (instead of it going to a log file).
The problem is that with the final line of the script (which ultimately tests the intention), I don't get the required result as the vLOGPATH variable is just passed to echo as text.
I have tried using 'echo -e' and getting some backslashes in there, I have tried using eval but I am either using them incorrectly.
I installed Ubuntu Studio 9.0.4., as a VMWare virtual machine in OSX to check it out. I specified a password to 'root', did not add any other users. (I run the whole show as "admin" in OSX and Windows as well. If some kid wants my files - The mp3's are under "Music".)
Anyhow, the Ubuntu Studio install went through, the nifty login splash screen came up. I tried to login in a "root" with my password, and got the following thing into my face:
"The system administrator is not allowed to login from this screen"
OK, so what "other" login screen does Ubuntu have, then?
I am using Lucid lynx, 1 partition, Linux is the only OS, and I am the only user. Everything is working fine until I click on "Places> File Browser" the system ask for root password.
Then I enter the Root password and I can then go where ever I want. ( It does not do this every time, just most of the time.)
When I open File Browser the first things listed in the left pane are ROOT, DESKTOP, (which is the root desktop), then FILE SYSTEMS, etc.
I think all the little differences I am experiencing are a result of logging on as ROOT user. I think that when I open File Browser (I use this a lot) and it ask for the ROOT password I am then ROOT and remain ROOT until I log off (I never do, because I am the only user). When I am root, things will look and feel different than when I am logged on as Wayne, but there are some things that I cannot do as Wayne (such as open File Browser). I opened K3b to burn a disk and a window poped up saying "it is not wise to run K3b as root..."
I don't like about it is the fixation of avoiding root login. I read in the sticky post at the top of this forum that logging into a GUI interface as root is nearly always a bad idea. Why is this? If I have access to the root password, and can simply sudo commands as root, what is the functional difference? The only difference I can see is that I have to continually type in my root password for pretty much everything I do. Elevating a user to root status seems to require a call to the almighty.
I'm usually the only one with access to this system, and I generally like to add in user accounts for any other people that will use the system, and leave root for myself. What is the benefit of requiring 'sudo' all the time?
I am pondering on what would be any implications in logging in via SSH as root?Surely SSH is safe or am I kidding myself and falling for the unwary ethic of logging into a remote Linux box as root?I discovered some open ports remotely on the linux box, and decided to login as root to edit a configuration file to shut off the ports, hence my questioning in whether logging in as root...another point, since SSH is 'supposedly secure', there should not be any implications or am I kidding myself!??? Would it be better to login as normal user then su from there?
Ok, to make things even more interesting, what if its a bog standard generic linux distribution with no suid programs etc, then what happens...take that out of the picture, and say, for editing a configuration file...hackers are not going to see that are they, otherwise by the sound of the answers, it is putting an impression that hackers can see the traffic the minute you login as root?! Otherwise why bother using SSH? I mean, surely, SSH was designed to replace telnet and thereby increase protection...as we all know back in the early 90's before the internet became publicly available, that there was indeed sysadmins dialing in to private networks or telnet'ting into a remote system as root....
How to logging in root user[ubuntu].
View 1 Replies View RelatedI can't log in as root in FC12? I could only su from user login to get to root?
View 12 Replies View Relatedi have fedora 7 server running just zimbra email server. but i forgot the password.
i used a livecd ubuntu then i went to /etc/shadow i used gedit and i remove the hash between the ": :" then saved file. i reboot but i still can not logging. and it does a weird thing. i wrote root then the i hit enter when ask for the password i hit enter. then the screen clean up by it self then it ask for logging again. It does nt say that the password is wrong or any other error.
also i went to single-user mode then once i m at # i wrote passwd root then new password then i reboot but i still have the same problem. i cant logging.
I have RHEL4 server. my root is able to login from CUI mode but not able to login from GUI mode. normal user is able to login from GUI mode and we go to root through su command but directly root is not able to login from GUI
View 2 Replies View RelatedFeb 10 (today) user qt4 extracts from cd /var/log/secure grep -i 'feb 10' secure Something wrong with pam or selinux? I have not fooled with pam or selinux in decades The secure file seems to report problems I do regular yum update s from secure: above
secure:Feb 10 08:00:20 localhost pam: gdm-password[2396]: pam_unix(gdm-passwordession): session opened for user qt4 by (uid=0)
secure:Feb 10 08:00:48 localhost polkitd(authority=local): Unregistered Authentication Agent for unix-session:/org/freedesktop/ConsoleKit/Session1 (system bus name :1.37, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
[code]....
I can login to qt4 from another user via "su - qt4" I would be shot if I inserted the inserted secure file
I have created a linux machine and installed some softwares on it with root user privileges . I used to login with root user credentials for doing the various task.
Later i have realise that this is not the best practice to follow and there should be a new user with less privileges to be created for doing the day to day task.
I have read the steps to create the user but will that new user sufficient enough to do the task that i m doing it through root user?
Will my software allow the new user to work on them?
I would be glad if someone points me to a guidelines on what should be my next step?
A friend of mine has a private forum setup so he and I can communicate back and forth so we don't have to send emails. The link is a "https://" so I'm assuming it's secure. I'm a newbie to ubuntu and I have already switch 3 of my computers at home to ubuntu.
I'm using Ubuntu 10.04 and google chrome as my browser. When I log into his forum it pops up with a screen saying "The site's security certificate is not trusted" and I always click proceed anyways. I'm not worried about this because I'm 110% sure that it's his website that I'm trying to access. My question/problem is it also pops up with a little box telling me to enter my Username and Password every time. When I was using WindowsXP, I had to enter this info once and then I wouldn't have to enter it again.
I have installed fedora 14 in my computer. I installed some applications from root. I created a user id. I am unable to install my internet (broadband connection) now. every time it shows the error "Authentication failure" "install from root" something like that. How can I switch between user and root. Or how can I login as root again?
View 1 Replies View RelatedI need to update my NVIDIA server settings, but to do so I need to be logged in as root user. Does anyone know how to do this from the gnome desktop?
View 6 Replies View RelatedEveryone is wondering why we can't run gEdit and other tools from a terminal by logging in as root(e.g"su-"), I understand that by making changes they are trying to force us as users of Linux to learn better habits that are more secure, but the issues are driving people nuts!
I for one really like being able to log as root and open gEdit to make drive changes without having to login as root, I would normally still have access to all my things like email etc. So changing Linux to force everyone to not use tools like gEdit as root is becoming more of an inconvenience than they realize, there must be a safe way to do this!
I have a program that generates large amounts of apparmor log messages. I'm happy to enforce restrictions on the program but I really don't want it to fill my log with messages every time it attempts to read a file.
Is there a way to let it enforce restrictions but not log denials?
As part of server hardening process i would like to know the Best way of System Logging and Auditing.Following pointould be taken into consideration.Logging of critical eventsLogging access to critical accountsSecure storage and availability of logsReview of logsSecurity of logs
View 2 Replies View RelatedWhere I work we have a lan, it is almost 100% windows machines except for 2 CentOS machines in which some clients connect to, via VPN. (very small network, <50 ip's used)
I would like to know if there is a way to block access from that machines to others in the network. I'm already logging traffic (with IPTraff) to see if they're accessing other machines in the network others than the ones they should connect.