1

currently I'm actually having a security concern regarding acquiring root privilege on my server.

Current situation: I login using SSH to my server and I use my user account for this, this user account can also get root privilege with the same password.

Required situation: Login with the user, require a DIFFERENT password for root privilege.

Rmano
  • 31,627
  • 16
  • 118
  • 187
TheLinuxNoob
  • 53
  • 1
  • 1
  • 4
  • Why? I do not see any advantage. If you need a password to share with someone, simply create another account without `sudo` privilege. You can [activate root login](http://askubuntu.com/questions/44418/how-to-enable-root-login), then disable `sudo` privileges for your account and use plain `su`, but in my experience that is never a good idea. – Rmano Dec 07 '14 at 10:27
  • Well if one retrieves my account/password combination they can simply login and get root privileges with possibly bad consequences. As said, I'm relatively new to the ubuntu systems and it just doesn't seem like a good idea to have two identical password (one that also gives root privileges), but that's just my opinion. – TheLinuxNoob Dec 07 '14 at 11:09
  • You have exactly the same risk of someone hijiacking the root password, no? having two of them will not help. If you need to login from an insecure site without `ssh` (don't), you can set up an unprivileged user; it's safer. – Rmano Dec 07 '14 at 11:11
  • Yes, that is indeed true. Since I have OpenVPN running on this machine, would making SSH only accessible from this network make it more secure? – TheLinuxNoob Dec 07 '14 at 11:22
  • I recommend reading https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-12-04 --- applies to 14.04 – Rmano Dec 07 '14 at 11:30
  • Oh wow, that is actually pretty nice! Thank you very much for your time in helping me. :) – TheLinuxNoob Dec 07 '14 at 11:37

0 Answers0