08-09-2017
That was the issue. I was su into the root account. Is there any way to force password complexity on the root user as well?
10 More Discussions You Might Find Interesting
1. Forum Support Area for Unregistered Users & Account Problems
Well, I get this email -
Hello,
You have requested to reset your password on The UNIX Forums forums because you have forgotten your password. If you did not request this, please ignore it. It will expire and become useless in 24 hours time.
To reset your password, please visit the... (1 Reply)
Discussion started by: zyx
1 Replies
2. Solaris
Hi,
I am looking for a simple way to :
- force the user to change his password following the first connexion
- check the complexity of a password (password should has a least 8 characters with 1 special char and 1 alpha...).
Thinks for your help (1 Reply)
Discussion started by: dbsora
1 Replies
3. Shell Programming and Scripting
Hi
I have a script which uses expect and I run it on solaris 10 to set a common password for all users. I run it as `./script password` but when I tried to log into the system then I do not really have to type password, pressing ENTER on keyboard logs the user into system. (ssh)
This below... (2 Replies)
Discussion started by: upengan78
2 Replies
4. Solaris
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies
5. Solaris
Boot device : /pci@1f,4000/scsi@3/disk@0,0:a File and args: -s cdrom
SunOS Release 5.9 Version Generic_118558-11 64-bit (6 Replies)
Discussion started by: agummad
6 Replies
6. Shell Programming and Scripting
Hello Friends,
I know this issue has been raised many times and hence I tried every resolution provided in the forum before I posted this issue again.
My Password-less RSA authentication was working fine for quite some time. Whenever the remote server password used to change I used to re-do... (5 Replies)
Discussion started by: mehimadri
5 Replies
7. Shell Programming and Scripting
Sorry to post this thread as it has been asked several times. But my question is that I need to write a shell script to transfer a file from machine A to machine B using sftp. I generated pvt-pub key pair and put pub key in machine b and lso make the pub file's permision 600. .ssh directory... (1 Reply)
Discussion started by: vsachan
1 Replies
8. SuSE
Hi,
I am setting password complexity in SLES 11. I am able to do most of things
pam-config -d --pwcheck
pam-config -a --cracklib
pam-config -a --cracklib-minlen=8
pam-config -a --cracklib-dcredit=-1
pam-config -a --cracklib-ocredit=-1
pam-config -a --pwhistory
pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies
9. UNIX for Dummies Questions & Answers
Hi,
I have followed the below commands for key generation and ssh from one server to another with user mqm
cd /var/mqm/.ssh
mqm@A:~> ssh-keygen -t rsa
<public key creation>
mqm@A:~> ssh mqm@B mkdir -p .ssh
mqm@B's password: <entered_password>
mqm@A:~> cat /var/mqm/.ssh/id_rsa.pub | ssh... (4 Replies)
Discussion started by: Anusha M
4 Replies
10. UNIX for Beginners Questions & Answers
Hello Team,
Please help me to solve my Problem,
By mistake, I give full permission to /(root) directory. by using the following command "chmod -R 777 /"
after this, the client asks for the password to login via ssh. Before that, I an able to Login without a password.
Please help me to retrieve... (5 Replies)
Discussion started by: Shubham1182
5 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)
NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO
sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)