|OS type and version
||Ubuntu Linux 22.04.3
||45 package updates are available
I enabled the root account in Unbuntu and then installed Virtualmin with the root account. The reason I believe the root account is disabled in Ubuntu by default is for security reasons.
So my question is, should I disable the root account (sudo passwd -l root) for security when I am done installing Virtualmin?
I am not a Linux expert and mainly work with Windowsm so what seems like a simple question for the community baffles me.
you can disable root login for ssh but you need root login to login into virtualmin.
You don’t need
root for Virtualmin. You need either a root user or an account that has
But, I would make sure you can login with that other user and that other user can do everything in Virtualmin before disabling root login.
is it really? not on any version of Ubuntu I have!
Might be worth keeping the root account as backup access but remove it from SSH.
By default, after a fresh Ubuntu installation, I believe
root user will not have a password set. And, that’s been the case since around Xenial (16.06) or Trusty (14.04), maybe even earlier. Your first user will be configured with
sudo ALL privileges. You can, of course, set a
root password, and many hosting providers do that with their Ubuntu image.
I have to set a password to be able to use
root. So maybe me using the term enabled, disabled is probably wrong.
I think most folks understand what you mean.
You do have to have a
root user (many processes start with UID 0), but you can disable direct logins as root in a variety of ways. Using the “lock” option in
passwd, as you mentioned above, is one (this sets the hashed password to start with
!, which will never match a hash and thus prevent all authentication as this user). Disabling
root logins in ssh is another (console root login still works). I tend to prefer the latter, as I like knowing I can get in on the console in the event everything else fails. But a sudo-capable user works for that, too, and you probably always still have single user mode, if you can get to the console.
That all makes sense, thanks for the help.
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.