I just installed Manjaro and have been delighted with the results so far. Seem very stable and quick on an older pc.
I am coming as a long time user of Ubuntu and never really paid attention to user privileges. Ubuntu gets users to sudo to do administrative tasks and so the installer only asks for username and password.
When I was installing Manjaro I set up my own account with a password and then created a different password for administrative account (root, I guess). I’m concerned that I should have selected ‘Use the same password for the administrative account’. The User Guide stated that the defaults were the best option and I assumed as much.
Was having a separate root password the correct thing to do? I’m really concerned about the security implications of having a separate root password but do not fully understand the implications if I have what seems to be an administrative password (since I can sudo as my regular user to update the system, etc).
Could someone explain to me, theoretically what the concerns are, and practically, should I be changing anything to make the system more secure.
It is actually a good idea to use different passwords, because they are different accounts. Of course, if you have sudo access by way of your own password, then that negates the security advantage of having a separate password for the root user.
The default setting for sudo is to ask for the user’s own password, and it was Ubuntu that introduced this practice, but this is actually unsafe, because it means that if your own account gets compromised, then the attacker would also have full root privileges via sudo by merely using your own password ─ which we’ll assume the attacker has come to know somehow.
One of the first things I myself always do is make sure that sudo requires the target user’s password ─ you can use sudo for doing things under other accounts than the root user, but the root user is the default target if no other account was specified.
So if I use sudo on my system without specifying a target, then it assumes the target is the root account, and then it will prompt me for the root password, which is distinct from my own password.
As for the terminology, the root account is the system administration account and should only ever be logged into for system maintenance tasks. An “administrator account” is an unprivileged user account with sudo access ─ not all user accounts have access to sudo.
‘One of the first things I myself always do is make sure that sudo requires the target user’s password ─ you can use sudo for doing things under other accounts than the root user, but the root user is the default target if no other account was specified.’
So I should then remove sudo privileges from my own account, I’m guessing.
This will mean though that if I’m doing an update I will have to be root. In that instance, will Pamac expect the user password or my root password?
‘it just means you have to remember which password to use’
You are asking a LOT of me to remember 2 passwords…I sometimes forget to put socks on in the morning!
No, you can easily configure this in /etc/sudoers. Just make sure the following line is uncommented, or add the line if it’s not there.
Defaults targetpw # Ask for the password of the target user
I’m not sure about that, because sudo isn’t the only authentication mechanism for elevated privileges. It is possible, if your user is a member of the wheel group, that you can still get by with your user’s own password.
For instance, on my system here ─ with KDE Plasma ─ I’ve set up sudo to require the target account’s password, but there are certain things ─ e.g. TimeShift ─ for which I only need to supply my own account’s password.
Either way, you can simply try it. Give it your own password, and if it doesn’t work, give it the root password. There’s no harm in that.