Change root username - linux

I run a webserver on a VPS. For security I would like to change the default linux root username to something else. How do I do this and are there any implications I should consider before doing this?


Solution 1:

Ah security through obscurity... The username itself is only defined in /etc/passwd and /etc/shadow so yes you could very easily go in and change it. One thing to keep in mind is the various moving parts of a server which may default to point to root which would no longer exist and potentially start breaking things and making it that much more interesting to troubleshoot.

If you're intent is to try and secure your VPS there are much more efficient ways than just changing the username and potentially causing headaches down the road. I knew an admin that did this with an old NT server by removing the administrative shares and later caused problems installing software. Security through obscurity doesn't really do anything but provide a false sense of security.

If you want to secure the box, I would start by adding yourself a non-root account, disable passwords (PasswordAuthentication no) and use SSH identity keys (PubkeyAuthentication yes)to authenticate remote logins, setup sudo access for your account and disable remote root login (PermitRootLogin no) through SSH. If you want to go a step further setup a group that is allowed to remotely connect and use the AllowGroups option to only allow accounts belonging to that group to login.

Solution 2:

Offtopic: No offense, but changing the root username to something else hasn't got anything to do with security. Do you want to do this to prevent SSH brute-force login attempts?

On Topic: The username alone is not that important, it's the UID. If it stays 0, I don't think you'll encounter problems.

Solution 3:

You can disable the ability to have someone log in as root by disabling the root account. This would prevent anyone from logging in as root locally, via SSH, using su, or any other method that would require providing the root password. However, it shouldn't break anything that might require a root user named 'root.'

To do this, lock the root user's account:

passwd -l root

or replace the password hash for the root user in /etc/shadow to just an exclamation point.