Renaming "root" to "homer"?
Bob Johnson
fbsdlists at gmail.com
Fri May 30 15:20:27 UTC 2008
On 5/29/08, Gilles <gilles.ganault at free.fr> wrote:
> Hello
>
> With all those scripts trying to connect to SSHd as "root", I was
> wondering if it'd be OK to rename this account to eg. "homer", to act
> as a first line of defense?
I doubt it.
>
> Are there unknown consequences to doing something like that?
>
Probably, but if we knew what they were, they wouldn't be unknown.
> If not, is it done by just editing /etc/password with vi, or is there
> a better way?
>
Use vipw. That invokes vi (or your default editor if that's not vi) to
edit the account database (which isn't actually /etc/passwd), and when
you exit from vi, it runs the scripts necessary to update all the
right things.
Lots of peeps have already pointed out the downside of this, but if
you really think it's what you want to do, probably the best way to do
it is to create a second admin account named "homer" or whatever. In
/etc/passwd, the "toor" account is an example of this (it is disabled
by default). They both have UID 0 and are effectively the same
account, just accessed by different names and passwords. Then change
the root password to be invalid, so the attackers can hack away all
day and have no chance of guessing the root password. You do that by
putting a * in the password field (the second field) while you are in
vipw.
I (along with many others) think you should find a solution that
doesn't require remote admin logins, but while you do the reading
necessary for that, this at least seems to quickly accomplish your
goal.
- Bob
More information about the freebsd-questions
mailing list