Home / server / Questions / 443365
In Process
Jonathan Rioux
Asked: 2012-10-30 05:28:51 +0800 CST

Linux - How to manage the password of root?

  • 772

We have just deployed a couple of Linux server. Each sysadmin will have his own account on the server (i.e.: jsmith), and will connect using SSH with a certificate which will be put into the "authorized_keys" file in their home directory. Once connected on the server, if they want to issue an elevated command, they will do like:

sudo ifconfig

They will then enter the root password.

What I would like to know now are the best practices in managing that root password. Should I change it periodicaly? And how do I share that new password with the sysadmins?

**Of course I will disable the root logon in SSH.

linux

5 Answers

  1. If they are using sudo, then it will ask for their password and not root password, therefore no root password change needed. Just be sure to give them proper privileges in /etc/sudoers file.

    • 24

  2. You don't need to worry about root password when using sudo. Perhaps, I would recommend to disable root password by issuing

    sudo passwd -l root

    Although, before you do that, make sure that you've a relevant system user with all the privileges.

    You can always get root console by issuing

    sudo -i

    Following is a small script I use to provision my servers.

    #!/bin/bash

set -e

addgroup sysadmin
adduser newuser
usermod -a -G sysadmin newuser
chmod u+w /etc/sudoers
echo "\n# Added by <YOUR-NAME>\n%sysadmin ALL=(ALL) ALL" >> /etc/sudoers
chmod u-w /etc/sudoers
su newuser -c "mkdir /home/newuser/.ssh"
su newuser -c "chmod 0700 /home/newuser/.ssh"
su newuser -c 'echo "<YOUR-SSH-KEY>" >> /home/newuser/.ssh/authorized_keys'
su newuser -c "chmod 0644 /home/newuser/.ssh/authorized_keys"

    You may modify if according to your needs. Make it interactive, use a user vairable etc. :)

    Enjoy!

    • 6

  3. There is one condition where you actually need the root password: if a filesystem is fails fsck when booting, you will typically be prompted to enter the root password to obtain a shell prompt where you can repair the damage. At that point, neither regular user accounts nor SSH will be available. If the sysadmin doesn't know the root password, then the only other option would be to boot from alternate media.

    • 2

  4. According to best practices:

    • root account should be set, and changed at least every 3 months.

    • Ssh login with root user should be forbidden

      /etc/ssh/sshd_config comment the following line:

      PermitRootLogin yes

    • Sysadmins should login with their own accounts and use sudo when escalated privileges are required.

    • Create a group and put all sysadmins users in it

      groupadd <sysadm_group>
      groupmod -A <user1>,<user2> <sysadm_group>

    • edit /etc/sudoers file.

      visudo

      Add at the bottom:
      %<sysadm_group> ALL=(ALL) ALL

    • Root password should be stored on secure location, and used only in emergency situations.

    • 2

  5. My Notes about sudo: (PLEASE NOTE - my notes are just my collection from our very own google only. i post them because it may help newbies, slow-learners like me;).. if you say the info isnt correct, or just a copy from wiki, or plagiarism, blah blah blah, then let me know thru a comment, i would be very happy to delete my post, than your down-votes )

    From wiki page:

    1. Unlike the su command, users typically supply their own password to sudo rather than the root password.
    2. sudo is able to log each command run. Where a user attempts to invoke sudo without being listed in the sudoers file an error is presented to the user indicating that the attempt has been recorded in the system log.
    3. sudo may be configured to require the root password, or no password at all
    4. This file MUST be edited with the 'visudo' command as root. from wiki - visudo is a command-line utility that allows editing of the /etc/sudoers file in a safe fashion. It opens /etc/sudoers, using the vi editor's interface by default (although this can be changed by setting the shell's EDITOR environment variable to a different text editor), prevents multiple simultaneous edits with locks, performs sanity checks and checks for parse errors.
    5. The runas command provides similar functionality in Microsoft Windows but cannot pass current directories, environment variables or long command lines to the child. And while it supports running the child as another user, it does not support simple elevation. A true su and sudo for Windows that can pass all of that state information and start the child either elevated or as another user (or both) is included with Hamilton C shell.
    6. There exist several frontends to sudo for use in a GUI environment, notably kdesudo, and gksudo

    From man page:

    To get a file listing of an unreadable directory:

    % sudo ls /usr/local/protected

    To list the home directory of user yazza on a machine where the filesystem holding ~yazza is not exported as root:

    % sudo -u yazza ls ~yazza

    To edit the index.html file as user www:

    % sudo -u www vi ~www/htdocs/index.html

    To shutdown a machine:

    % sudo shutdown -r +15 "quick reboot"

    FAQ and Troubleshooting Tips

    http://www.sudo.ws/sudo/troubleshooting.html

    • 1