On Sun, 2012-02-12 at 01:30 +0000, CPK Smithies wrote: > Independently and in collaboration with Paul Tyson, I have now set up or > assisted in the setup of ten Linux machines for others (eight of whom > were converted from M$ (and none of those has complained!)). > > One security feature in Ubuntu that I'm not too keen on is the disabling > of the root account: this is done during the Ubuntu installation process > by setting a random and undisclosed root password. This is certainly an > improvement on early Ubuntu releases, where the root password was left > blank and it was therefore possible to cruise serenely into a root shell > by selecting the "recovery console" boot option. Nevertheless, it > ignores one very fruitful avenue whereby the inexpert user can trash his > system. > > One of my converts (no names, no pack-drill) decided to change his > password. And then he instantly forgot it. He was the only > administrative user on the system. I hadn't set the root password. > (Luckily, he used his machine only for web access, so a reinstall was > not too traumatic.) > > Now, whenever I install a system for someone else, I set a really > unmemorable password for root, write it down, give it to them, and > instruct them to file the paper copy somewhere inaccessible and never > use it unless instructed. > > Criticisms of this approach are welcome. > > Regards to all, > > CPKS > Just to expand on this topic, and learn 'best practice', do you create three partitions,(system, Home/data, and backup) and use something like clonezilla to image the system to the backup partition?
PM. -- Next meeting: Bournemouth, Tuesday 2012-03-06 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread on mailing list: mailto:dorset@mailman.lug.org.uk How to Report Bugs Effectively: http://goo.gl/4Xue
