Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 30 May 2008 16:53:32 +0200 (CEST)
From:      Oliver Fromme <olli@lurza.secnetix.de>
To:        freebsd-questions@FreeBSD.ORG, gilles.ganault@free.fr
Subject:   Re: Renaming "root" to "homer"?
Message-ID:  <200805301453.m4UErWlE011463@lurza.secnetix.de>
In-Reply-To: <dsqs34tisuf7ajugi7ek1ni7bcd4hba58n@4ax.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Gilles <gilles.ganault@free.fr> wrote:
 > With all those scripts trying to connect to SSHd as "root", I was
 > wondering if it'd be OK to rename this account to eg. "homer", to act
 > as a first line of defense?
 > 
 > Are there unknown consequences to doing something like that?

Peope have already pointed out that it is a bad idea to
allow remote root logins, so I won't repeat that.  :-)

But to answer your question:  Renaming the "root" account
will probably break quite a log of things, for example
install scripts which often contain command like
"chown root bin/whatever", or start/stop scripts for
daemon processes that match for certain commands run
by "root", and so on.

So better don't do that.  Many programs expect that there
is an account called "root" with UID 0.  Otherwise they
will malfunction.

 > If not, is it done by just editing /etc/password with vi, or is there
 > a better way?

No, editing /etc/passwd directly doesn't work.  Instead,
you should use the vipw(8) tool, which does several things:

 - It locks the master.passwd file so nobody else can edit
   it at the same time.

 - It opens the master.passwd file with vi (or a different
   editor if you have the environment variable EDITOR set).

 - Afterwards it checks the master.passwd file for correct
   syntax and consistency, to prevent accidental breakage.

 - It generates the passwd file (for compatibility only)
   and the pwd.db and spwd.db database files.

 - Finally the lock is released.

Alternatively you can use the pw(8) command line tool to
edit, add or delete accounts and groups.  Please see the
manual page for details.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"C++ is over-complicated nonsense. And Bjorn Shoestrap's book
a danger to public health. I tried reading it once, I was in
recovery for months."
        -- Cliff Sarginson



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200805301453.m4UErWlE011463>