[CS-FSLUG] Are ssh shared keys in the wild?

Peter Vasquez peter at vasquez.cc
Wed May 30 22:29:58 CDT 2012

With the most popular distros being Mint (based on Ubuntu), or Ubuntu
and its derivatives, the use of a locked root account has become
popular (or a 'standard' if you look at install base).  Single user
mode is not a problem with a locked/disabled root password as Ubuntu
and all of its derivates utilize a properly patched sulogin, which
handles this case specifically.  Going back to the original question
posed by Mark, what I like about using linode to host a linux vm is
that data partitions can be separated, and a clean vm containing only
the OS restored if/when any problems should arise.  A little
pre-planning and forethought (as well as routine maintenance and log
auditing) goes a long way. :)


On Wed, May 30, 2012 at 8:31 PM, Tim Young <Tim.Young at lightsys.org> wrote:
> In the general sense, it is not good to disable the root password.  Some
> distros require the root pw before you can boot into single-user mode.
>  Also, if you boot up and fsck fails, it asks for the root password before
> you can drop back into fsck-mode.  A savvy techie can get around those
> through a number of different approaches, but you need to know what you are
> getting into.
> If a generic someone were to simply ask me if they should disable the root
> password, I would say "it is usually not a good idea."  If they told me they
> wanted to disable it, we would need get into a discussion about what distro
> they were using, how would they deal with it if the box would not boot, etc.
>  If they could answer enough information, then it is fine.
> Does that answer your question?
>    - Tim Young
> On 5/30/2012 8:19 PM, Josiah Ritchie wrote:
>> Why do you say it is a bad idea to disable the root password?
> _______________________________________________
> ChristianSource FSLUG mailing list
> Christiansource at ofb.biz
> http://cs.uninetsolutions.com

More information about the Christiansource mailing list