Force Users To Use Root Password Instead Of Their Own Password When Using Sudo Command

Force Users To Use Root Password

You may also like...

  • Anders Jackson

    IF your password is compromised, you need to change it, everywhere. Check all computers you have ssh-login on. Reinstall the computer.

    Blocking and forcing to use root password will not help.

    • Agreed. Sudo exists to prevent the need to give out a root password. This article is a bit much…

    • SK

      This method is for only one person who manages all systems. However, I must add an disclaimer note at the end.

  • Steve From NH

    Don’t ever do this. If you know your password is compromised and a hacker is using it to do admin things via sudo then it’s too late. Time for a re-installation.

    • SK

      Yes, agreed. Let us say “Steve” is the only one Administrator who manages all systems. If someone has hacked Steve’s password, the hacker can’t do any destructive tasks without knowing the root password. So, the admin can immediately either change the password or re-install the entire system before the hacker breaks the root user password. I have edited and added a disclaimer note in the guide now. Thanks.

  • regexp

    This will add little bit security to your system.

    No it doesn’t. Not in any way. Now your user has the root password which is most likely written on a post it note (or worse: in last pass). No one should ever use or see the root password. Ever. Mature companies implement Password Access Management tools that automate privileged access and can disable an account globally if compromised. In addition – you can have root credentials auto-rotate after each use if that type of access is required. That dramatically improves security.

    • SK

      Agreed.

  • So the solution to an admin’s password being compromised, is to give out the ROOT password to MORE people?

    • SK

      I didn’t mention anywhere giving root password to more people. This method is for only one person who manages all systems.

  • really, really, stupid.

    If I had hacked _your_ account, and you had sudo rights. I’d change the root password, if there was one (which there shouldn’t be)