Logging in as the Linux root user is not recommended. Logging in as root via an SSH connection is even more dangerous. We explain why and show you how to avoid it.
The Sword with Two Edges
You’ll need someone with authority to own and manage the parts of your operating system that are too important or too sensitive for regular users to handle.
This is where root comes into play. The all-powerful super user of Unix and Linux operating systems is root.
The root user account, like all other accounts, is password protected. No one else can access that account without the root user’s password. That means no one else can use root’s privileges and powers.
On the other hand, that password is the only line of defence between a malicious user and root’s powers. Passwords can, of course, be guessed, deduced, discovered written somewhere, or brute-forced.
If a malicious attacker learns root’s password, they can log in and do whatever they want with the entire system.
There are no limitations to what root can do because of their elevated privileges. It would be the same as if the root user left a terminal without logging out, allowing opportunistic access to their account.
Because of these risks, many modern Linux distributions do not allow root to log in locally, let alone over SSH.
The root user exists, but no password has been assigned to them. However, someone must be able to manage the system. The root user command is the answer to that riddle.
Nominated users can use sudo to temporarily use root-level privileges from within their own user account.
To use sudo, you must first authenticate by entering your own password. This temporarily grants you access to root’s capabilities. When you close the terminal window in which you were using your root powers, they expire.
If you leave the terminal window open, it will time out, reverting you to regular user status. This adds another layer of security. It safeguards you against yourself.
If you log in as root instead of a regular account on a regular basis, any mistakes you make on the command line could be disastrous.
You’re more likely to be focused and careful about what you type if you have to use sudo to perform administration.
Allowing root login via SSH raises the risks because attackers do not need to be local to try to brute-force your system remotely.
SSH Access and the root User
This issue is more likely to occur when you administer systems for others. Someone may have decided to set a root password in order to log in. Other settings must be altered to allow root to log in via SSH.
This will not happen by chance. However, it is possible for people who are unaware of the risks to do so.
If you take over the administration of a computer in that state, you must explain why it’s a bad idea and then restore the system to safe mode. If it was set up by the previous system administrator, the owners may be unaware of it.
To read our blog on “With this BIOS upgrade, you may play Doom directly from your motherboard,” click here
