https://www.ostechnix.com/force-users-use-root-password-instead-password-using-sudo-command
As we all know already, one of the advantages of using
‘sudo’ is we don’t have to give root user password to all users to do
administrative actions. The users who are added in the sudo group can
perform administrative tasks by simply invoking sudo command. Now,
Picture this scenerio. Let us say, you’re the only one system admin who
perform all administrative tasks, and your password is compromised by
some hacker. Now, the hacker can do all sorts of administrative actions
with sudo command, isn’t it? In such cases, we need to force some users
(Admins& to use root password instead of their own password. This is
just a simple example. The use cases might be different for you.
Disclaimer: Giving out the ROOT password to all
users is dangerous. This method is opt for only one system admin who
handles the entire systems in the network. Even If the system admin’s
password is compromised, the hacker still needs to break the root
password to do administrative tasks. So, the admin can immediately
change his/her password or re-install the system before the hacker take
down the system.
In this guide, We will see how to force users to use root password to do administrative tasks instead of using their own password when using sudo command.
This allows the user called sk to run any command using sudo privileges on any system. However, s/he needs to use the root password rather than his/her own password when using sudo command.
As you see, it prompts you to enter the root password, not the user’s own password.
Even if your password is hacked, the hacker still need to crack the root user password to get the root access on your system. This will add little bit security to your system.
Recommended Read: How To Reset Root User Password In Linux
And, that’s all. I hope this helps in some cases. If you find our guides useful, please share them on your social, professional networks and support OSTechNix. I will be soon here with another useful guide. Until then, stay tuned!
Cheers!
In this guide, We will see how to force users to use root password to do administrative tasks instead of using their own password when using sudo command.
Recommended Download – Free Cheat Sheet: “Linux Command Line Cheat Sheet”
Force Users To Use Root Password Instead Of Their Own Password When Using Sudo Command
Switch to root user using any one of the following commands:suOr,
sudo suOr,
su rootEdit sudoers file using command:
visudoAdd/modify as shown below in sudoers file.
Defaults:sk rootpw sk ALL = (ALL) ALL
This allows the user called sk to run any command using sudo privileges on any system. However, s/he needs to use the root password rather than his/her own password when using sudo command.
sudo ls -l [sudo] password for root: total 0 drwxr-xr-x. 2 sk sk 6 May 17 19:07 ostechnix drwxr-xr-x. 2 root root 6 May 17 19:11 sk
As you see, it prompts you to enter the root password, not the user’s own password.
Even if your password is hacked, the hacker still need to crack the root user password to get the root access on your system. This will add little bit security to your system.
Recommended Read: How To Reset Root User Password In Linux
And, that’s all. I hope this helps in some cases. If you find our guides useful, please share them on your social, professional networks and support OSTechNix. I will be soon here with another useful guide. Until then, stay tuned!
Cheers!
No comments:
Post a Comment