Mailinglist Archive: opensuse-security (396 mails)

< Previous Next >
Secure root alias logins
  • From: keith.anthony.roberts@xxxxxxxxxxx
  • Date: Wed, 15 Jan 2003 20:47:50 +0000 (GMT)
  • Message-id: <Pine.LNX.4.10.10301152044001.236-100000@xxxxxxxxxxxxxx>

To: suse-security@xxxxxxxx
From: keith.anthony.roberts@xxxxxxxxxxx
Subject: Secure root alias logins

Hi everyone!

Surely it would be more difficult for any attacker to break into Linux
if they did not know the username for the root account?

I just wondered if it was possible to make root logins MUCH more secure
with the following suggestions.

When a NEW installation of Linux is done, allow the root user to select
their -*OWN*- unique username for the root account in YaST, instead of the
default 'root' username.

Disallow the use of username 'root' for ALL root superuser logins.

When a superuser logs-in they provide their unique username that they choose
when installing Linux eg. under YaST.

Each login program would need to be modified to reject the username of 'root'.
The login program then checks say, password file for the unique root alias
name (provided by superuser at installation time) and matches this up
with the root account.

If a matching root alias and a valid password for that alias name are present,
then the superuser gets logged into the root account. The root account need
not be touched in any way. The superuser alias name is just used as a
'WRAPPER' to protect the username of root for login purposes only.

Would this be feasable to implement?

This may have been implemented already.

If it has - please let me know.

Thankyou - Keith Roberts.

< Previous Next >