Results 1 to 4 of 4
  1. #1
    Join Date
    Oct 2004
    Posts
    76

    Disabled Direct Root Login [Problem]

    So, im able to login to root via SU perfectly

    One problem: All my old files and folders are owned by ROOT so that means my SU account named XXX cant edit/add/delete anything from my SFTP because of folder/file permission.

    Is there anyway my SUDO(wheel) account can still edit these files own by ROOT??
    GottaDeal.com - Hot Deals & Coupon Codes. Why Pay Retail?http://www.gottadeal.com/images/bann...eal-234x60.gif

  2. #2
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,750
    Edit the /etc/passwd file and make the GID of the user as 0. Connect to ftp as user after this.

    The entry should be like this. Assuming 500 to be the UID.
    Code:
    user:x:500:500::/home/user:/bin/bash
    Change it as below.
    Code:
    user:x:500:0::/home/user:/bin/bash
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  3. #3
    Join Date
    May 2008
    Posts
    340
    We would actually suggest changing the ownership of the files and folders which you've uploaded using SFTP to your normal user username using chown,

    chown user.user folder -R
    Basically logging using a normal user account and then switching to use is a security practice in itself or using sudo for performing administrative tasks.
    Changing the primary group of a normal user to root(0) means your normal account password/account gets compromised, the attacker can write/delete files/folders where the group ownership is root. This is not a recommended way and opens a possibility for a compromise.
    Twitter : http://twitter.com/eth1networks
    Contact Us : support[at]eth1.in

  4. #4
    Join Date
    Sep 2007
    Posts
    368

    *

    Quote Originally Posted by david510 View Post
    Edit the /etc/passwd file and make the GID of the user as 0. Connect to ftp as user after this.

    The entry should be like this. Assuming 500 to be the UID.
    Code:
    user:x:500:500::/home/user:/bin/bash
    Change it as below.
    Code:
    user:x:500:0::/home/user:/bin/bash

    Better add in sudo, then no need for userid or groupid making 0, its bit dangerous.

Similar Threads

  1. SSH Keys & Direct root login disabled?
    By gasxtreme in forum Hosting Security and Technology
    Replies: 8
    Last Post: 07-03-2008, 06:24 PM
  2. Help with disabling direct root login
    By hbhb in forum Hosting Security and Technology
    Replies: 19
    Last Post: 04-17-2008, 11:27 AM
  3. Disable Direct Root Login
    By boonchuan in forum Hosting Security and Technology
    Replies: 3
    Last Post: 05-21-2005, 09:56 PM
  4. re-allowing direct root login?
    By milkmycow in forum Hosting Security and Technology
    Replies: 15
    Last Post: 08-02-2004, 12:51 AM
  5. Trust relationship with root login disabled
    By Veus in forum Hosting Security and Technology
    Replies: 3
    Last Post: 02-19-2004, 01:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •