Sudo and root
Solved
Hello everyone!
I am on "Ubuntu" (Lubuntu to be exact) and I would like to know how to disable all passwords.
Like on "Puppy Linux", I want to be able to log in directly as "root" and have full rights on my machine (any file editing possible, any installation, in the console and in the graphical interface) without even having to type "sudo", "su" or any other password.
For now, I'm exploring Linux in emulation, so I don't care about security and it slows me down more than anything else.
At worst, entering a "root" password on startup like on "Backtrack", but nothing more!
As I researched, I did "sudo passwd root", "sudo passwd 'user'", and "visudo", but nothing satisfactory:
Impossible to modify /etc/default/grub in the graphical interface (for example).
"su" asks me for a password that I would have to re-enter in another console session, etc...
There you go, thanks!
I am on "Ubuntu" (Lubuntu to be exact) and I would like to know how to disable all passwords.
Like on "Puppy Linux", I want to be able to log in directly as "root" and have full rights on my machine (any file editing possible, any installation, in the console and in the graphical interface) without even having to type "sudo", "su" or any other password.
For now, I'm exploring Linux in emulation, so I don't care about security and it slows me down more than anything else.
At worst, entering a "root" password on startup like on "Backtrack", but nothing more!
As I researched, I did "sudo passwd root", "sudo passwd 'user'", and "visudo", but nothing satisfactory:
Impossible to modify /etc/default/grub in the graphical interface (for example).
"su" asks me for a password that I would have to re-enter in another console session, etc...
There you go, thanks!
7 answers
I'm on "Ubuntu" (Lubuntu to be exact) and I would like to know how to disable all passwords.
Very bad idea. A password is there to make your system secure. You can make them less frequent to type using tools like wallet managers (or keyrings) such as kwallet under KDE, but that's it.
Like on "Puppy Linux", I want to connect directly as "root" and have all rights on my machine (any file editing possible, any installation, in console and in the graphical interface) without even having to type "sudo", "su", or any other password.
Re-very bad idea. First of all, most graphical servers (xorg...) prohibit root logins in graphical mode. Again, for the same reasons. When you're logged in as a user (graphically), you're not supposed to administer the machine.
If you encounter a permission error, it's because you've made a mistake somewhere. If you want to administer the machine with graphical tools, you can use tools like kdesudo or gksudo, but they will at least require you to enter the password the first time.
Take the time to read this:
http://doc.ubuntu-fr.org/sudo
For now, I'm discovering Linux in emulation, so I don't care about security, and it slows me down more than anything else.
Well, keep a root console open. Anyway, root doesn't need a graphical interface to administer the machine, just a terminal. And if you really are allergic to text mode, then work with kdesudo and gksudo, but you'll have to enter passwords from time to time.
At worst, enter a "root" password at startup like on "Backtrack", but no more!
Under BT, I imagine you weren't logged in as root in graphical mode. Please reassure me...
While gathering information, I did "sudo passwd root", "sudo passwd 'user'", "visudo", but nothing satisfying. Impossible to modify /etc/default/grub in the graphical interface (for example).
That's normal, your text editor is running with user rights. The command "sudo passwd root" simply serves to activate the root account.
http://doc.ubuntu-fr.org/root
"su" asks me for a password that I should re-enter in another console session, etc...
Or in a console:
If you want to switch to root in a terminal:
... and if the root account is inactive, you can choose:
Good luck
Very bad idea. A password is there to make your system secure. You can make them less frequent to type using tools like wallet managers (or keyrings) such as kwallet under KDE, but that's it.
Like on "Puppy Linux", I want to connect directly as "root" and have all rights on my machine (any file editing possible, any installation, in console and in the graphical interface) without even having to type "sudo", "su", or any other password.
Re-very bad idea. First of all, most graphical servers (xorg...) prohibit root logins in graphical mode. Again, for the same reasons. When you're logged in as a user (graphically), you're not supposed to administer the machine.
If you encounter a permission error, it's because you've made a mistake somewhere. If you want to administer the machine with graphical tools, you can use tools like kdesudo or gksudo, but they will at least require you to enter the password the first time.
Take the time to read this:
http://doc.ubuntu-fr.org/sudo
For now, I'm discovering Linux in emulation, so I don't care about security, and it slows me down more than anything else.
Well, keep a root console open. Anyway, root doesn't need a graphical interface to administer the machine, just a terminal. And if you really are allergic to text mode, then work with kdesudo and gksudo, but you'll have to enter passwords from time to time.
At worst, enter a "root" password at startup like on "Backtrack", but no more!
Under BT, I imagine you weren't logged in as root in graphical mode. Please reassure me...
While gathering information, I did "sudo passwd root", "sudo passwd 'user'", "visudo", but nothing satisfying. Impossible to modify /etc/default/grub in the graphical interface (for example).
That's normal, your text editor is running with user rights. The command "sudo passwd root" simply serves to activate the root account.
http://doc.ubuntu-fr.org/root
"su" asks me for a password that I should re-enter in another console session, etc...
kdesudo kwrite /etc/default/grub & gksudo gedit /etc/default/grub &
Or in a console:
sudo nano /etc/default/grub
If you want to switch to root in a terminal:
su -
... and if the root account is inactive, you can choose:
sudo su - sudo -s
Good luck
Can you be logged in as root automatically like in recovery mode?
Well, you can remove the password by deleting the "x" from /etc/passwd on the root line, but basically it's wide open; anyone connecting to your machine can do whatever they want. It only disables authentication on a tty (you just have to type "root").
For the graphical mode, you can configure gdm or kdm for automatic login as a user (except root, which is never supposed to launch a graphical interface).
The kdesudo and gksudo commands don't work under Lubuntu (LXDE):
"GLib-GIO:ERROR:/build/buildd/glib2.0-2.26.0/gio/gdbusconnection.c....."
We would need the complete message and do a search on it with Google.
Isn't it possible to enter the "sudo" password just once at the beginning of the graphical session for all programs?
No, because you are logged in as a user. The first time you do a "sudo," it will ask for your password. Then, as long as this terminal is open, Linux will not ask you again (in this terminal).
You need to understand that what you're asking goes completely against what makes the "strength" and security of a Linux system. Linux is not designed for this. Everything I've pointed out in this message is just as many security holes that make your system very vulnerable. So, in a VM, it doesn't matter, but in real life, you'll have to get used to it.
I did "sudo nano /etc/default/grub," it works, but I would like to do the same without going through the console....
It's not possible because you'll need to at least instantiate kwrite, gedit, or any graphical editor via kdesudo or gksudo and thus invoke it from a terminal.
Or you'll need to allow root to log in graphically after enabling the root account and assuming gdm/kdm/xdm allows root to log in as root. Again, this completely goes against the philosophy of Linux, where the root administrator is distinguished from other users.
In my opinion, you're starting off on a wrong approach because it'll lead you to develop bad habits, but it's up to you.
Note that if you launch your graphical session as root (for example, through a startx launched in a root tty), all programs in the graphical session will be launched as root. That's actually why we prevent root from launching one, because otherwise the first malicious piece received can completely corrupt the system since it will also have root rights.
Well, you can remove the password by deleting the "x" from /etc/passwd on the root line, but basically it's wide open; anyone connecting to your machine can do whatever they want. It only disables authentication on a tty (you just have to type "root").
For the graphical mode, you can configure gdm or kdm for automatic login as a user (except root, which is never supposed to launch a graphical interface).
The kdesudo and gksudo commands don't work under Lubuntu (LXDE):
"GLib-GIO:ERROR:/build/buildd/glib2.0-2.26.0/gio/gdbusconnection.c....."
We would need the complete message and do a search on it with Google.
Isn't it possible to enter the "sudo" password just once at the beginning of the graphical session for all programs?
No, because you are logged in as a user. The first time you do a "sudo," it will ask for your password. Then, as long as this terminal is open, Linux will not ask you again (in this terminal).
You need to understand that what you're asking goes completely against what makes the "strength" and security of a Linux system. Linux is not designed for this. Everything I've pointed out in this message is just as many security holes that make your system very vulnerable. So, in a VM, it doesn't matter, but in real life, you'll have to get used to it.
I did "sudo nano /etc/default/grub," it works, but I would like to do the same without going through the console....
It's not possible because you'll need to at least instantiate kwrite, gedit, or any graphical editor via kdesudo or gksudo and thus invoke it from a terminal.
Or you'll need to allow root to log in graphically after enabling the root account and assuming gdm/kdm/xdm allows root to log in as root. Again, this completely goes against the philosophy of Linux, where the root administrator is distinguished from other users.
In my opinion, you're starting off on a wrong approach because it'll lead you to develop bad habits, but it's up to you.
Note that if you launch your graphical session as root (for example, through a startx launched in a root tty), all programs in the graphical session will be launched as root. That's actually why we prevent root from launching one, because otherwise the first malicious piece received can completely corrupt the system since it will also have root rights.
Thank you mamiemando!
I actually read those docs and I wasn't very satisfied...
Can we be logged in as root automatically like with recovery mode?
The commands kdesudo and gksudo don't work under Lubuntu (LXDE):
"GLib-GIO:ERROR:/build/buildd/glib2.0-2.26.0/gio/gdbusconnection.c....."
Isn't it possible to enter the "sudo" password only once at the beginning of the graphical session for all programs?
I did "sudo nano /etc/default/grub", it works, but I would like to do the same without going through the console....
Thanks again, see you later!!
I actually read those docs and I wasn't very satisfied...
Can we be logged in as root automatically like with recovery mode?
The commands kdesudo and gksudo don't work under Lubuntu (LXDE):
"GLib-GIO:ERROR:/build/buildd/glib2.0-2.26.0/gio/gdbusconnection.c....."
Isn't it possible to enter the "sudo" password only once at the beginning of the graphical session for all programs?
I did "sudo nano /etc/default/grub", it works, but I would like to do the same without going through the console....
Thanks again, see you later!!
I know that security-wise it’s not great !! Even though I think it’s a bit excessive (root + sudo + "keychain ...).
Let's say that for me (a beginner), disabling this kind of thing is also learning to understand it!
Once I've finished this phase, I definitely plan to leave the passwords...
By the way, your answers have really helped me in this regard, thanks again, see you later!!!
Let's say that for me (a beginner), disabling this kind of thing is also learning to understand it!
Once I've finished this phase, I definitely plan to leave the passwords...
By the way, your answers have really helped me in this regard, thanks again, see you later!!!
Actually, I don't use sudo as far as I'm concerned (I'm on Debian).
- The keyring allows me to avoid entering my instant messaging and email passwords. In practice, it stays open for the duration of your graphical session (so you enter a password to open it and it saves me at least three passwords)
- ssh-agent + ssh keys save me from typing a lot of passwords when I need to administer remote machines.
After, there might be a way to slice everything up by tinkering with pam, but I advise against going there because you risk not being able to log in at all if you mess it up.
If you want to understand how authentication works in Linux, I recommend reading:
You can also skim through what's discussed on Wikipedia and the Ubuntu documentation about pam, openldap, nis, etc., but be careful, it might quickly become quite "technical."
Good luck.
- The keyring allows me to avoid entering my instant messaging and email passwords. In practice, it stays open for the duration of your graphical session (so you enter a password to open it and it saves me at least three passwords)
- ssh-agent + ssh keys save me from typing a lot of passwords when I need to administer remote machines.
After, there might be a way to slice everything up by tinkering with pam, but I advise against going there because you risk not being able to log in at all if you mess it up.
If you want to understand how authentication works in Linux, I recommend reading:
man 5 passwd man 5 shadow man nsswitch.conf
You can also skim through what's discussed on Wikipedia and the Ubuntu documentation about pam, openldap, nis, etc., but be careful, it might quickly become quite "technical."
Good luck.