What you need to know about root, su and sudo in linux
Table of contents:
- What you need to know about root, su, sudo and rootkits on Linux
- Root
- How to access root from terminal
- Unlock the root user account on your computer
- Login as root
- Reset root password
- HIS
- SWEAT
- Conclusions
One of the main features that makes Linux attractive for use on servers and supercomputers in the world is its extra layer of security. If you are already a Linux user, you may have already noticed that to carry out some administrative activities, the system asks you for an access key. That is the extra layer of security that I mean. Keep reading our post and you will find what you need to know about root, su and sudo in Linux.
What you need to know about root, su, sudo and rootkits on Linux
In general, operating systems contemplate the use of only one user, who has administrator permissions. In Linux, things are handled in a particular way, the common user account is separated from the superuser account and that is what we know as root.
Root
When we refer to root, we are talking about the superuser account in Linux, that is, the one that has all the privileges and permissions to perform actions on the system. As I mentioned earlier, for certain actions that affect the file system, root access is required. That is why for the execution of some commands we must enter said access (root password). However, you must have an understanding of the actions that are taken, since an action performed in the wrong way could cause significant damage to the system. The use of instructions with superuser privileges can be extremely useful, but totally devastating if we do not know the consequences of their use on the system.
How to access root from terminal
To enter the system in superuser mode we use the following command:
his -
Which works to enter the system using any other defined user, but by leaving it blank or placing the -, the system assumes that the entry is from the root user. After execution, the terminal will ask you to enter the corresponding password.
After that, two scenarios can occur:
- You get login as superuser. To verify it, look at the command prompt, it should change from "$" to the "#" symbol. You receive an authentication error, which indicates that the root account is probably blocked (you must be sure that you entered the key correctly hehe). For this case, the solution is later, keep reading?
The command will remain active until you log out. This will allow you to execute any instruction without the need to write the password for each of the cases.
Unlock the root user account on your computer
Many of the distributions lock the root account so that inexperienced users have access to it. However, it can be unlocked (enabled) and then log in with it. To do this you must execute the following in the terminal:
sudo passwd root
When I ask you to enter a password, you enter your username. Then it will ask you to create a new password, you must enter it twice. Once this is done, the root account will be enabled and you can enter it without problems.
If for some reason you want to deactivate it again, just execute the following instruction:
Login as root
This is a little recommended practice, since keeping a root user session permanently open could have serious consequences and render the system useless. The advisable thing is to use it through temporary means (command su or sudo, which I will talk about in the next section). Or log in only in emergencies, such as restoring user accounts or resolving disk-related failures.
The procedure is simple. When entering Linux, you put “root” in the username field and its corresponding password in the password field. Remember that to log in the root account must be enabled (see the method to enable it in the previous section).
If at the moment you receive an error message, it may be because it is not enabled or you have forgotten it. If you do not remember the password, you can reset it, in the next section I explain how?
Reset root password
To reset it, you use the same method used to enable the account. That is, by executing the command:
HIS
It comes from the acronym in English " s ubstitute u ser" (change user), that is, its main function is to change user, without logging out, through the terminal. Generally, as I already mentioned, from a normal type account to the root account. Basically, the SU command allows you to enter the superuser account and use its privileges to be able to perform actions on the administrative files of the system.
Its syntax may well be just the command, where by default it assumes that the account is to be changed to root.
his
Or accompanied by the username
your (username)
This is quite useful for managing web servers, databases, or other services, where we can specify different users to perform certain administrative tasks.
It is also important to mention that you must be very careful when choosing the password for our root account. Since in this way, we prevent a user without privileges from carrying out an attack by executing su.
WE RECOMMEND YOUPhototonic: Light Organizer of photos and imagesSWEAT
Coming from the English “ s uper u ser do ” (super user beam). It is an alternative for executing commands, as if we were another user (including the root user), but under certain restrictions established on the delegation of privileges between them. Usually, in Linux this series of rules are established in the file: / etc / sudoers.
We can mention two notable differences with respect to su:
- When executing the command, request your own password and not that of the other user. This is beneficial for delegating tasks to other users without the need to share sensitive information such as passwords. Only the requested instruction is executed as superuser, without the need to change the user.
Its operation is not complex, sudo is written, just before the command that is required to be executed. For example, to install a package on the system, the syntax would be:
sudo apt-get install (package_name)
A notable fact to note about sudo is "grace time" which gives the user the ability to execute a sequence of instructions as another user, without having to enter the password again and again and then execute it. After that period, sudo will request the password again. Some specialists consider this as a security breach. Basically because if our computer is interrupted in that grace period, they could make disasters with our system.
However, said grace period can be disabled, which will enhance security. For this, it is only necessary to modify the / etc / sudoers file:
sudo nano / etc / sudoers
And we proceed to add the following line at the end:
Defaults: ALL timestamp_timeout = 0
The change does not require restarting the system.
Conclusions
The importance of the superuser in the Linux system is reflected in terms of its security. This represents a great benefit for multi-user system administrators. It greatly reduces malicious or intentional damage executed by another user, since it is not directly affected to the system or other users. Furthermore, it keeps critical system files a bit more isolated from malicious software. Additionally, the use of the superuser account reduces the possibility of making mistakes.
Any concerns, please feel free to contact us. Of course, take a look at our Tutorials section or our Linux category, where you will find lots of useful information to get the most out of our system.
Everything you need to know about netflix and the free account for a month
Brief guide to everything you need to know about Netflix and its free account for a month. Thanks to this reading.
Sd and microsd cards, everything you need to know and the best options
We have prepared a guide with the main characteristics of SD cards and we have made a selection to facilitate your purchase.
Should you buy a gaming chair? All you need to know
When purchasing a new chair, many users wonder if they should purchase a gaming chair. The answer is yes, and these are the reasons
