- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: renaming root account
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 11:57 AM
тАО11-12-2001 11:57 AM
Is there such a recommendation for unix/hp-ux?
how about the idea of creating a user with uid=0 and then removing the root account?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:02 PM
тАО11-12-2001 12:02 PM
Re: renaming root account
I think it is always uid=0 counts not the name.
-USA..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:06 PM
тАО11-12-2001 12:06 PM
SolutionDon't start down this road!
First, there may be software that references the account name 'root' in lieu of the uid=0.
Second, if you use SAM to remove an account, you specify the *name* not the *id*. The removal of files and directories, if you choose to do so, however, is done by *id*. You can see the problem!
Choose a good password. Convert to a trusted system. Allow root login only at the console by placing 'root' in /etc/securetty. These are all better options than changing 'root' to something else!!!
Regards!
...JRF...
- Tags:
- trusted mode
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:06 PM
тАО11-12-2001 12:06 PM
Re: renaming root account
I have never heard anyone in the Unix environment say to remove the root account. Trying to compare Unix and Windows security is the old Apples and Oranges thing. That being said, the root account should be protected at all costs.
Start with locking down access to root
echo console > /etc/securetty
The command above will limit external root access to the serial connected console or to the su - command from a user already on the box.
Take the approach of securing your box, not patching over the problems and you will learn more about your system and feel better about its security.
Just my thoughts,
C
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:07 PM
тАО11-12-2001 12:07 PM
Re: renaming root account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:07 PM
тАО11-12-2001 12:07 PM
Re: renaming root account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:08 PM
тАО11-12-2001 12:08 PM
Re: renaming root account
You can set other users up with different passwords and uid=0 for them to be root.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:08 PM
тАО11-12-2001 12:08 PM
Re: renaming root account
You would greatly have to modify the OS to change that behavior, unless you were building your own OS, it wouldn't be a good idea to even mess with that.
Purists will tell you to leave the unix account alone, don't add mutliple users with ids of 0, don't use software that changes the access of the "root" account or how it behaves. I tend to agree with that. There is software like CA's Access Control that tweaks the kernel and has the ability to change the root account itself, what it can access and do. There are other methods of securing a system and dealing with the power of root that do not modify the kernel. Sudo and PowerBroker are examples of those.
Even if you were to change the name root to something else, it really wouldn't do much to deter a hacker since the userid is still what matters.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:13 PM
тАО11-12-2001 12:13 PM
Re: renaming root account
And if it is common-knowledge, then you might question the whole point of renaming the root user.
The recommended practice is to leave root as is, change the system to Trusted, and change root passwords on a regular basis. Anyone who tries to hack in as root will disable root on the network (console = still OK) and will also leave their IP-address+date+time as a calling card as seen from the lastb command.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2001 12:13 PM
тАО11-12-2001 12:13 PM
Re: renaming root account
The name of an account, other than perhaps 'root' does not matter. File ownership and process privileges are determined by various forms of the numeric id (uid, euid).
If you like, create a new user, call him "Edward"; nte the uid, create some files for him; remove the entry from the /etc/passwd file and /etc/group files (or use SAM to delete the account), BUT leave the files. If you do an 'ls' on the files you will now see their ownership described by the uid instead of the name. Now add a new account with a different name. Look at your files again and note that they are now owned by the "new" user.
Only the numeric value is stored in the file inode. The /etc/passwd file simply maps number-to-name.
Regards!
...JRF...
Regards!
...JRF...