Renaming "root" to "homer"?
olli at lurza.secnetix.de
Fri May 30 14:53:36 UTC 2008
Gilles <gilles.ganault at free.fr> wrote:
> With all those scripts trying to connect to SSHd as "root", I was
> wondering if it'd be OK to rename this account to eg. "homer", to act
> as a first line of defense?
> Are there unknown consequences to doing something like that?
Peope have already pointed out that it is a bad idea to
allow remote root logins, so I won't repeat that. :-)
But to answer your question: Renaming the "root" account
will probably break quite a log of things, for example
install scripts which often contain command like
"chown root bin/whatever", or start/stop scripts for
daemon processes that match for certain commands run
by "root", and so on.
So better don't do that. Many programs expect that there
is an account called "root" with UID 0. Otherwise they
> If not, is it done by just editing /etc/password with vi, or is there
> a better way?
No, editing /etc/passwd directly doesn't work. Instead,
you should use the vipw(8) tool, which does several things:
- It locks the master.passwd file so nobody else can edit
it at the same time.
- It opens the master.passwd file with vi (or a different
editor if you have the environment variable EDITOR set).
- Afterwards it checks the master.passwd file for correct
syntax and consistency, to prevent accidental breakage.
- It generates the passwd file (for compatibility only)
and the pwd.db and spwd.db database files.
- Finally the lock is released.
Alternatively you can use the pw(8) command line tool to
edit, add or delete accounts and groups. Please see the
manual page for details.
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
"C++ is over-complicated nonsense. And Bjorn Shoestrap's book
a danger to public health. I tried reading it once, I was in
recovery for months."
-- Cliff Sarginson
More information about the freebsd-questions