Force Users To Use Root Password Instead Of Their Own Password When Using Sudo Command

Force Users To Use Root Password

11 Responses

  1. Anders Jackson says:

    IF your password is compromised, you need to change it, everywhere. Check all computers you have ssh-login on. Reinstall the computer.

    Blocking and forcing to use root password will not help.

  2. Steve From NH says:

    Don’t ever do this. If you know your password is compromised and a hacker is using it to do admin things via sudo then it’s too late. Time for a re-installation.

    • SK says:

      Yes, agreed. Let us say “Steve” is the only one Administrator who manages all systems. If someone has hacked Steve’s password, the hacker can’t do any destructive tasks without knowing the root password. So, the admin can immediately either change the password or re-install the entire system before the hacker breaks the root user password. I have edited and added a disclaimer note in the guide now. Thanks.

  3. regexp says:

    This will add little bit security to your system.

    No it doesn’t. Not in any way. Now your user has the root password which is most likely written on a post it note (or worse: in last pass). No one should ever use or see the root password. Ever. Mature companies implement Password Access Management tools that automate privileged access and can disable an account globally if compromised. In addition – you can have root credentials auto-rotate after each use if that type of access is required. That dramatically improves security.

  4. Seth McCombs says:

    So the solution to an admin’s password being compromised, is to give out the ROOT password to MORE people?

    • SK says:

      I didn’t mention anywhere giving root password to more people. This method is for only one person who manages all systems.

  5. really, really, stupid.

    If I had hacked _your_ account, and you had sudo rights. I’d change the root password, if there was one (which there shouldn’t be)

  6. Kevin says:

    To the commenter who said “there shouldn’t be a root password” – so the answer is to allow ordinary users to perform all admin tasks, protected by nothing but their own, often easily-guessed or phished, password? Besides, what do you do if you need to boot into emergency mode and the system prompts you to enter the root password? Sudo is good to give limited access to certain people. Using it for full root access is misusing it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.