Change root username - linux

linux

I run a webserver on a VPS. For security I would like to change the default linux root username to something else. How do I do this and are there any implications I should consider before doing this?


Solution 1:

Ah security through obscurity... The username itself is only defined in /etc/passwd and /etc/shadow so yes you could very easily go in and change it. One thing to keep in mind is the various moving parts of a server which may default to point to root which would no longer exist and potentially start breaking things and making it that much more interesting to troubleshoot.

If you're intent is to try and secure your VPS there are much more efficient ways than just changing the username and potentially causing headaches down the road. I knew an admin that did this with an old NT server by removing the administrative shares and later caused problems installing software. Security through obscurity doesn't really do anything but provide a false sense of security.

If you want to secure the box, I would start by adding yourself a non-root account, disable passwords (PasswordAuthentication no) and use SSH identity keys (PubkeyAuthentication yes)to authenticate remote logins, setup sudo access for your account and disable remote root login (PermitRootLogin no) through SSH. If you want to go a step further setup a group that is allowed to remotely connect and use the AllowGroups option to only allow accounts belonging to that group to login.

Solution 2:

Offtopic: No offense, but changing the root username to something else hasn't got anything to do with security. Do you want to do this to prevent SSH brute-force login attempts?

On Topic: The username alone is not that important, it's the UID. If it stays 0, I don't think you'll encounter problems.

Solution 3:

You can disable the ability to have someone log in as root by disabling the root account. This would prevent anyone from logging in as root locally, via SSH, using su, or any other method that would require providing the root password. However, it shouldn't break anything that might require a root user named 'root.'

To do this, lock the root user's account:

passwd -l root

or replace the password hash for the root user in /etc/shadow to just an exclamation point.

Related

Sql server backups very slow
How do you deal with bosses that think you're slacking off? [closed]
Real one-time passwords (OTP) on Linux other than S/Key? [closed]
I get 1 failing SSH connection attempt per second from different IP. What can i do?
Remove a file with <Down> in the name?
How to configure my Elastic Load Balancer to balance SSL traffic?
need an algorithm for collapsing netblock ranges into lists of superset ranges
Does Matlab eig always returns sorted values?
How can I delete Time machine files' extended attributes using commandline?
I can access the css-file but the website is still not applying the classes
How do I work with a remote file system from windows using a GUI?
Scanning streamed data with clamav