AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > OS, Software, Firmware, and BIOS > Linux

Linux Questions and information concerning Linux


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 18th July, 2009, 06:51 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Changing root ID in Mint 7

I'm trying to give Patti one of my Mint 7 drives...can the root be changed to make this her Mint...or should I start over with a clean install for her?
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 18th July, 2009, 07:47 PM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

I'd give her a clean install, just to make it her own. We can transfer files from her fedora install, but transfering settings isn't really a good idea.
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 18th July, 2009, 08:38 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

No need to transfer, I have her stuff on a thumb drive...if we can give her ownership without to much hassle or messing Mint up? It's pretty nicely setup for her, just installed the OS in my name...
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 23rd July, 2009, 12:48 AM
booman's Avatar
AOA Staff
 
Join Date: December 2005
Location: Mesa AZ
Posts: 4,030

This brings up a question....
Can you change the "root" name like changing "Administrator" in windows?
__________________
Booman
Mint 17.3 64-bit
Wine 2.0
PlayOnLinux 4.2.10
Linux Guides: PC Games Linux Beginners Tips Linux Games List
Mack Truck Dungeon Of Fire Spray Booth Tutorial
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 23rd July, 2009, 01:44 AM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

It can be done, but many programs rely on a root account. (Sudo for example) By changing the name, "root" no longer exists so the app will stop.

You can create an alias and give that the same UID as root, but not much point in that.
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 23rd July, 2009, 02:33 AM
booman's Avatar
AOA Staff
 
Join Date: December 2005
Location: Mesa AZ
Posts: 4,030

thats not cool cause if someone wants to hack into a linux, the first account they will try is root.
__________________
Booman
Mint 17.3 64-bit
Wine 2.0
PlayOnLinux 4.2.10
Linux Guides: PC Games Linux Beginners Tips Linux Games List
Mack Truck Dungeon Of Fire Spray Booth Tutorial
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 23rd July, 2009, 02:57 AM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

Just like any OS, it is basically only as secure as the password protecting it, at least in cases of outside intrusions. Pretty much vulnerable if they get ahold of your rig though.
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 23rd July, 2009, 04:38 AM
Gizmo's Avatar
Chief BBS Administrator
BassTeroids Champion, Global Player Champion, Aim & Fire Champion, Puzzle Maniax Champion, Othello Champion, Canyon Glider Champion, Unicycle Challenge Champion, YetiSports 9: Final Spit Champion, Zed Champion
 
Join Date: May 2003
Location: Webb City, Mo
Posts: 16,178
Send a message via ICQ to Gizmo Send a message via AIM to Gizmo Send a message via MSN to Gizmo Send a message via Yahoo to Gizmo Send a message via Skype™ to Gizmo

Quote:
Originally Posted by booman View Post
thats not cool cause if someone wants to hack into a linux, the first account they will try is root.
Which is why any Unix/Linux admin with a clue denies remote login to the root account (and might even deny root login entirely).

In addition, you can configure logins to use certificates instead of passwords. With a decent certificate encryption, you can make hacking the shell near to impossible, even if you know a username that is valid and has the rights to su.

As far as I know, neither of these options is available with Windows. The Administrator ALWAYS has access to the box, and you can't use certificates instead of passwords (although the ability to use passphrases with, I believe, Windows XP SP2 and higher mitigates that to some degree, as does the ability to rename the Administrator account).

This MIGHT have changed with Vista and Windows Server 2008 (and maybe even with Windows 2003 domains); I have to admit I'm not completely up on that.

A little historical note: the 'root' user HAS to exist on Linux/Unix systems, because the system boots as the root user (UID 0). This is the reason why root's home directory is always /root; it has to be accessible as soon as the file system is brought up, whereas the rest of the users can be on /home, which can be on a completely different volume that is not mounted until some later point in the boot process.

As CCPerf says, there are hacks that get around this and allow you to rename the 'root' account, but AFAIK they tend to be rather ugly and break stuff.

Last edited by Gizmo; 23rd July, 2009 at 04:49 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 23rd July, 2009, 04:01 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Looks like it's a fresh install then. Thanks guys, always a big help knowing what's worth trying and what is not!! ":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 23rd July, 2009, 11:13 PM
booman's Avatar
AOA Staff
 
Join Date: December 2005
Location: Mesa AZ
Posts: 4,030

Guess I don't have a clue because I don't know how to deny remote login in Linux.
__________________
Booman
Mint 17.3 64-bit
Wine 2.0
PlayOnLinux 4.2.10
Linux Guides: PC Games Linux Beginners Tips Linux Games List
Mack Truck Dungeon Of Fire Spray Booth Tutorial
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #11 (permalink)  
Old 24th July, 2009, 12:20 AM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

Biggest security risk in linux is ssh, if you have no need to login remotely to your rig, just disable ssh. I think most distros use /etc/services as the master file now, but I am not positive.

If you do have a need to login remotely, then deny root login through ssh config file. It's usually under /etc/ssh or similar

Other things I will do is move the listen port for ssh from the default of 22 to something else. Make em guess at which port it is.

I will also use some simple iptable rules to limit the number of login attempts to 6 per minute, (slows down brute-force attacks to the point they are innefective).

While a lot of people will say using sudo is safer than su'ing to root, I don't. If they do manage to come up with your username and password through ssh, then they can just use sudo to do whatever they want because they already have the password.

There are also a ton of scripts out there that can monitor logs and then perform an action based on what is happening.
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP

Last edited by ccperf721p; 24th July, 2009 at 12:22 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 24th July, 2009, 12:25 AM
booman's Avatar
AOA Staff
 
Join Date: December 2005
Location: Mesa AZ
Posts: 4,030

Great tips Cliff!
I bet that I can disable SSH in my services and that would do it.
I'll have to do some research on "listen port" to figure out how to change it. And I'll have to do some research on how to change the login attempts. These tips help a lot because someday I know that I'll setup a Linux server for someone and I'll need to secure it from the rest of the world.
Thanks
__________________
Booman
Mint 17.3 64-bit
Wine 2.0
PlayOnLinux 4.2.10
Linux Guides: PC Games Linux Beginners Tips Linux Games List
Mack Truck Dungeon Of Fire Spray Booth Tutorial
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 24th July, 2009, 03:04 AM
MightyMar22's Avatar
Member
 
Join Date: June 2005
Posts: 182

besides disabling the sshd service, you might also want to chkconfig sshd off. this will prevent the sshd service from getting started after a reboot.
__________________
E8400@4GHZ
ASUS P5K-E WIFI/AP
XFX 8800GT
CORSAIR DOMINATOR 2x2G@1081mhz
CORSAIR 620W (620HX)
THERMALTAKE KANDALF LCS

Last edited by MightyMar22; 24th July, 2009 at 03:21 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 24th July, 2009, 04:51 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

I reinstalled Patti in Mint all went very well":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 24th July, 2009, 05:46 PM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

If and when you update it see if it updates the kernel. My mint powered system is still holding back the kernel update, so I'm thinking your system allowed the kernel update to slip through before it was flagged and the rest of the updates are now breaking because of it..
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 24th July, 2009, 06:11 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

I've updated Everything in 2# and 3# column, nothing in the 1# column. No Mint System files. Haven't had time to retry them and see if I need to restore...":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
19 yo girl's mint linux PC dsio Linux 4 9th September, 2009 08:47 PM
Help with Mint 7 updates Daniel ~ Linux 68 8th August, 2009 06:08 PM
Hey Sony, seen any good root kits lately? Daniel ~ Data Security 0 28th August, 2007 05:46 PM
Email Notification: The Root of All Evil Superman Random Nonsense! 4 27th September, 2001 01:35 AM


All times are GMT +1. The time now is 02:47 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0