Comments on: 4 Ways to Disable Root Account in Linux

By: Eric

Eric — Mon, 30 Jan 2023 18:31:15 +0000

Security through obfuscation, although not 100% secure, will cause most attackers to stumble. They would need to discover the name or ID of the administrative user before they could continue their attack on the system.

This piece of security goes right in with things like changing the port number for SSH. Neither absolutely stops attackers but making their job harder is still an increase in the security of the system.

By: alex

alex — Fri, 04 Nov 2022 16:05:54 +0000

Dear friends,

Indeed the omnipotent root user and the omnipresent root username is probably the go-to path of any attack by a forged login.

With the development of linux over the years, various tools have been made, including backdoors that need to be managed. That’s why root access is the key place to safeguard and obfuscate, and your article is so useful.

Thank you very much!

alex

By: dragonmouth

dragonmouth — Thu, 27 May 2021 20:09:35 +0000

From my reading of the article, it looks like there is no one method that will universally (in ALL possible programs) disable root user from logging into the system. Each one of the mentioned methods disables root login for only certain programs. Seems like a hit and miss, error-prone procedure. The procedure to restore root access could be even more error-prone and fraught with pitfalls.

“any errors by the root user may have huge implications on the normal operation of a system. In addition, this account may also be abused by using it improperly or inappropriately either accidentally, maliciously, or through contrived ignorance of policies”.

It is to be assumed that, by the time somebody attains the position of System Administrator, that person has become thoroughly versed in command language and is trusted by management not to abuse his/her powers.

“It is advisable to disable the root access in your Linux server, instead, create an administrative account which should be configured to gain root user privileges using the sudo command, to perform critical tasks on the server”.

But is it logical? A System Administrator needs complete, unfettered access to a system to perform his/her job properly. To create an”administrative account” without access to ALL the commands and utilities is ludicrous. On the other hand, if this artificial “administrative account” has all the root privileges, then no problems have been prevented. Sudo command will in no way prevent system destruction through inappropriate use of commands. Neither will it prevent any abuse or willful bad acts.

This article is an exercise in what is theoretically possible but it has very little practical application.

By: Aaron Kili

Aaron Kili — Mon, 14 Dec 2020 07:55:45 +0000

In reply to Mark.

@Mark

Maybe the heading is misleading, but this guide is all about disabling normal root login.

By: Mark

Mark — Fri, 11 Dec 2020 21:54:05 +0000

Don’t think it is wise to disable the root user completely. If the server has a problem on boot it will require the root user to fix it in single-user mode. it will likely prompt for the root password.

Better to disable ssh login for root as in method 3 here in sshd_config. This way you can’t log in directly as root over the network, but will still be able to login to root on the console if needed.