1. Dude.. Give Ubuntu a skip and try Debian.. (i.e. If you don’t mind Over-User-Friendliness and ‘teh cool effectz! *squeal!!1!!11\!’*)

    Reason being it’s much more stable.

    And Um.. FYI, Debian HAS Root Account.. You can disable it by installing sudo. (Nope.. Not Installed by default)

  2. Subbu: Ubuntu was on my VM. Was just exploring it. Not the greatest fan of Ubuntu. I’m waiting for openSUSE 11, if it’s any good I’ll upgrade openSUSE 10.3 to 11. Else I’ll just shift to Debian or maybe even Gentoo.
    Debian has root account enabled by default? Read it’s disabled :?

    1. Re: Debian root disabled.

      This depends on how it was installed. If you install it yourself you can disable root by leaving the root password blank when the installer asked for a root password. This disables root and automatically installs sudo as well as adds the first user (created in the next screen on the installer) to /etc/sudoers.

      If you get like a vps or something that has debian installed via script, root will be disabled or enabled at the request of the script.

      Re: Cool effects.

      This has nothing to do with the distro directly, it’s a product of whatever GUI you install. Granted, some distros have eyecandy enabled by default, but it would be incorrect to assume that distro X can’t have cool effects but distro Y can. You can have Debian +KDE4 + wobbly windows or just debian without any GUI at all. It’s all in the configuration.

  3. uff, sudo command has no users added in debian brands.. so this article is invalid, and only works in win-buntu…

    the file /etc/sudoers in debian, does not have entries for nobody, therefore no user is able to run the command sudo .. so, this does not allow him to make changes

    Subbu was right, u must use a real linux for future corrections in articles ¬_¬!

    More Info for a real linux distro : McKAY Debian and linux issues (packages and howtos)

    1. in the Debian 7 Wheezy installation you decide:
      – if you want a root account, it is disabled the sudo for the user created
      – if you do not want root account (just left blank the password, as says the installation description), the user created have sudo powers.

      So depends on your decision, this blog post (still) valid for your 2014’s Debian

  4. in regards to disabling the root account, which I am a fan of, you can still use sudo su – to switch to the root account, when needed.

  5. Pingback: Vinayak
  6. @mudfly : bad idea to do it that way (can wreak havoc with environment variables and such thing). Rather use the proper way to do it (with sudo), which does not involve “su” at all : “sudo -s”, and voilà ;)

  7. @nitish: check on pam_usb ;)

    Bear in mind that it will not be multi-factor authentication, though (multi-factor implies at least two of the following: owning something, knowing something, and individually be someone): the fact that anybody easily copying your USB key will be able to impersonate you without any problem makes it so it will only give the illusion of necesitating to own something, while actually, it will just be one-factor authentication, with a secret a tad more difficult to know (nothing more, nothing less).

    Multi-factor authentication would involve biometry (meh…), or crypto-token (a smartcard, plugged in a USB reader, and protected by a PIN, which would lock the card after a defined number of failures: much, much, much better, though hardcore physical fiddling with the smartcard could still expose the key, of course – but it would be something your usual Joe would have a lot more problems to accomplish than a “dd” or “cp” of your USB drive).

  8. Pub key authentication is still valid even if the password is locked. This is written explicitly in the manual of passwd:

    Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod –expiredate 1 (this set the account’s expire date to Jan 2,

    Next time take a peek in the manual before publishing on the Internet.

Leave a Reply

Your email address will not be published. Required fields are marked *