1

I some areas, I'm gradually getting used to linux, but in others (like this one) I'm still 99% noob. As an XP refugee, I've used Mint and am now on 18 Sarah.

I am not concerned about protecting the machine from my fat fingers, I never login as root. I am not concerned about protecting the machine from other people in my house, I trust them. I am concerned about leaving the machine on 24/7, connected to the net, visiting forums, using transmission, and being attacked from outside.

The default Mint install makes the first account a sudoer, and sudo requires the same password as the account. So with my easy to guess username, only one password is needed to mess with the machine.

While trying to setup NFS/Samba/SSH etc, I have read various (alarmist?) warnings about security. Many of the improvements involve things like squashing root, so requiring guessing two passwords instead of one before getting the ability to mess remotely with a machine. Which sounds OK.

I have discovered that putting the line 'Defaults rootpw' in sudoers makes sudo require the root password rather than the user password. This apparently improves security to needing two passwords for admin stuff.

However, there is still an account on the machine with the easy to guess name 'root' that requires only a single password to do damage.

The ubuntu argument for a disabled root account is designed to address just this shortcoming. One Ubuntu site says that if you have accidentally enabled root, to disable it again using sudo passwd -dl root.

Which sounds good, except wouldn't this then remove the root password that Defaults rootpw now requires, improving root account security but degrading the user/sudoer account back to requiring only one password?

I am reluctant to experiment with disabling root while I have Defaults rootpw set, I don't want to risk sawing off the branch that I'm sitting on, even though I have just done a full backup.

Is it the case that Mint always has an account with only a single password to guess, or is there a way to put two passwords in the way of an external attacker, as Defaults rootpw appears to do, but doesn't.

Improve this question

1 Answer 1

Reset to default
0

While there's some truth to what you're saying, it's worth noting that one shouldn't log in as root directly.

In practice this relates to a line in sshd_config, namely PermitRootLogin. This should not be simply set to yes if you want to improve upon security.

For as long as I can remember on both mint, other linux distros, as well as FreeBSD, The usual practice is to log in as a normal user, then sudo or su to use the root account.

Combine this with your own research (Defaults rootpw), and the result it that while both usernames are easily known, two passwords are required.

When it comes to default behavior, Mint 18 allows root login via SSH, but only via pasword-less authentication, as dictated by the PermitRootLogin prohibit-password line. This enables login methods such as private/public keys, and disables any ability to brute force the root password.

Improve this answer
1
  • My sshd_config doesn't have a PermitRootLogin line, it does have a PermitLocalCommand = no however. Assuming I never want to ssh into this machine, stopping the ssh server should give all that and more security. I do want to ssh to other machines, which should still work? Is ssh the only way in, or are there other routes into the machine? I am behind a firewalled ADSL router, whatever that means. I've read somewhere about Mint's own firewall being off by default. Is that true, does it matter, what does enabling it stop?
    – Neil_UK
    Commented Nov 29, 2016 at 11:25

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .