Re: Emergency mode when root account locked
On 12/12/20 7:29 pm, Andrei POPESCU wrote:
AND run sudo as root, for additional safety
Is this supposed to be ironic? I really can't tell.
There was a detailed discussion here about sudo being a security issue
on our systems. It appears to be default in debian 10, so most of us get
it as default. I looked at replacing sudo.
I found an article that explained how to strengthen it by forcing sudo
to require root password.
If somebody breaks in, they now need my root password to execute
commands that require root permissions (except a couple that I have
given nopasswd privilege).
It's pretty simple. AFTER you have tested your root password
add
Defaults rootpw
to /etc/sudoers
The result:
keith@asus3 Sat12Dec2020@22:49:38 :~$ sudo nano /etc/sudoers
[sudo] password for root: ***
You'll understand that root password must be working BEFORE you amend
/etc/sudoers
Ironic?
--
Keith Bainbridge
ke1thozgroups@gmx.com
Reply to: