You are Here:
Linux Lite 6.6 FINAL Released - Support for 22 Languages Added - See Release Announcement Section



Security - LL has one password - other distros can have more ...

Author (Read 4410 times)

0 Members and 1 Guest are viewing this topic.

Re: Security - LL has one password - other distros can have more ...
« Reply #6 on: February 22, 2018, 10:14:48 AM »
 

bitsnpcs

  • Platinum Level Poster
  • **********
  • 3237
    Posts
  • Reputation: 305
    • View Profile
    • Try to Grow

  • Kernel: 4.x
Do either of you have different passwords for login and admin (root) on LL?

Mike

Hello,

I use no password for login or indeed no login screen on LL.
I use only the single master password as @Jerry explains on LL.

When I'm afk I unplug the ethernet cable from the router, the desktop has no wifi or bluetooth card inside.
« Last Edit: February 22, 2018, 10:27:34 AM by bitsnpcs »
 

Re: Security - LL has one password - other distros can have more ...
« Reply #5 on: February 22, 2018, 06:33:59 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 8775
    Posts
  • Reputation: 801
  • Linux Lite Member
    • View Profile
    • Linux Lite OS

  • CPU: Intel Core i9-10850K CPU @ 3.60GHz

  • MEMORY: 32Gb

  • VIDEO CARD: nVidia GeForce GTX 1650

  • Kernel: 5.x
In an operating system that targets Windows users, we will only offer the one master password. See trindads post for more info/logic.

Sent from my Mobile phone using Tapatalk

 

Re: Security - LL has one password - other distros can have more ...
« Reply #4 on: February 22, 2018, 06:13:51 AM »
 

m654321

  • Gold Level Poster
  • *******
  • 893
    Posts
  • Reputation: 86
  • Linux Lite Member, 'Advocate' & Donator
    • View Profile

  • CPU: Intel Pentium [email protected] (2cores) on an Asus X71Q

  • MEMORY: 4Gb

  • VIDEO CARD: Intel GM45 Express Chipset

  • Kernel: 4.x
@bitsnpcs
@trinidad
Many thanks to you both for your replies. Based on what you've said, I guess as a home-user on a home network (not a public or work-based one), and the only user of this PC, the risk in using the same password for login & admin (using sudo command) is relatively low.  However, I do feel more secure with having different login and admin (root) passwords and might set this up when I have a bit of time - if I get stuck I'll come to you later for help  8)

Do either of you have different passwords for login and admin (root) on LL?

Mike
« Last Edit: February 22, 2018, 06:44:11 AM by m654321 »
64bit OS (32-bit on Samsung netbook) installed in Legacy mode on MBR-formatted SSDs (except pi which uses a micro SDHC card):
2017 - Raspberry pi 3B (4cores) ~ [email protected] - LibreElec, used for upgrading our Samsung TV (excellent for the task)  
2012 - Lenovo G580 2689 (2cores; 4threads] ~ [email protected] - LL3.8/Win8.1 dual-boot (LL working smoothly)
2011 - Samsung NP-N145 Plus (1core; 2threads) ~ Intel Atom [email protected] - LL 3.8 32-bit (64-bit too 'laggy')
2008 - Asus X71Q (2cores) ~ Intel [email protected] - LL4.6/Win8.1 dual-boot, LL works fine with kernel 4.15
2007 - Dell Latitude D630 (2cores) ~ Intel [email protected] - LL4.6, works well with kernel 4.4; 4.15 doesn't work
 

Re: Security - LL has one password - other distros can have more ...
« Reply #3 on: February 17, 2018, 09:38:15 AM »
 

trinidad

  • Platinum Level Poster
  • **********
  • 1463
    Posts
  • Reputation: 212
  • Linux Lite Member
    • View Profile
    • dbts-analytics.com

  • CPU: i7 4 cores 8 threads

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD graphics

  • Kernel: 5.x
Being a regular Debian user with several computers networked together and nodes for random attachment I have always used a root password and user login password and no sudo users. Opinions vary on this subject but a lot of what is discussed on this link goes to the real problem of sudo users on a network. It is important to remember that home users, and small business users really don't have to worry about security of the scope that large businesses do. On a large network it can be argued that more privilege escalated files means more security risk so in that sense sudo is a nuisance. It is also important to remember that any unencrypted system can be hacked into bypassing all the passwords anyway, Linux, Windows, and MAC usually with nothing more than an Ubuntu live disk. Also updates to the root file system load in a root shell, that is they happen in the background on a sudo system without a root password installing when you reboot unseen by you. Some administrators don't like that either, given that it is not simple to interrupt them and that things could be missed.

https://www.beyondtrust.com/blog/unix-linux-privileged-management-should-you-sudo-heres-what-it-does-and-why-its-not-enough/

TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
 

Re: Security - LL has one password - other distros can have more ...
« Reply #2 on: February 17, 2018, 09:25:26 AM »
 

bitsnpcs

  • Platinum Level Poster
  • **********
  • 3237
    Posts
  • Reputation: 305
    • View Profile
    • Try to Grow

  • Kernel: 4.x
Hello m654321,

you can change this if you wish -

Menu>All>Lite user Manager

create a new user highlight this new user name, and in the right pane of GUI, click to untick the "adm"?

Save changes.
« Last Edit: February 17, 2018, 10:20:07 AM by bitsnpcs »
 

Security - LL has one password - other distros can have more ...
« Reply #1 on: February 17, 2018, 09:04:33 AM »
 

m654321

  • Gold Level Poster
  • *******
  • 893
    Posts
  • Reputation: 86
  • Linux Lite Member, 'Advocate' & Donator
    • View Profile

  • CPU: Intel Pentium [email protected] (2cores) on an Asus X71Q

  • MEMORY: 4Gb

  • VIDEO CARD: Intel GM45 Express Chipset

  • Kernel: 4.x
I was wondering the other day how security works with LL and the privileges/access to computer that the password provides.


LL has 1 password which is used to login with - the same password is used as a root/admin password. How does that work? Surely having the same password for both means that the distro is therefore vulnerable as permission is given, following logon, for anything out there to make changes to your computer ... ???

Comparing with two other distros that I have been using:
 
PCLinuxOS has 3 passwords: a Security password (for allowing changes to grub); a Root or Admin password, and a separate Login password.

Manjaro has 2 passwords: one for Login and one for Root/Admin privileges.
« Last Edit: February 17, 2018, 01:00:44 PM by m654321 »
64bit OS (32-bit on Samsung netbook) installed in Legacy mode on MBR-formatted SSDs (except pi which uses a micro SDHC card):
2017 - Raspberry pi 3B (4cores) ~ [email protected] - LibreElec, used for upgrading our Samsung TV (excellent for the task)  
2012 - Lenovo G580 2689 (2cores; 4threads] ~ [email protected] - LL3.8/Win8.1 dual-boot (LL working smoothly)
2011 - Samsung NP-N145 Plus (1core; 2threads) ~ Intel Atom [email protected] - LL 3.8 32-bit (64-bit too 'laggy')
2008 - Asus X71Q (2cores) ~ Intel [email protected] - LL4.6/Win8.1 dual-boot, LL works fine with kernel 4.15
2007 - Dell Latitude D630 (2cores) ~ Intel [email protected] - LL4.6, works well with kernel 4.4; 4.15 doesn't work
 

 

-->
X Close Ad

Linux Lite 6.6 FINAL Released - Support for 22 Languages Added - See Release Announcement Section