Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 13
Hi guys. Can someone tell if there is a way to create a second root account ..but not just some user with root rights ...example - user1=0 ...i dont need ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2006
    Posts
    8

    second root account


    Hi guys. Can someone tell if there is a way to create a second root account ..but not just some user with root rights ...example - user1=0 ...i dont need that
    i need account which must be called "root"?
    i want to have two users called "root" but with different passwords. Is there some program or software which can recognize which root is the real root by its password? I will appreciate this because i really need that. Thanks a lot guys ...

  2. #2
    Linux User DThor's Avatar
    Join Date
    Jan 2006
    Location
    Ca..na...daaa....
    Posts
    319
    Nope, impossible. There is only one root. You also can't have two users which have the same userid, no matter what they're called. How would you expect the system to know which is which, if that's the qualifier that identifies the user to the system?

    I'd be curious to know why you "need" it, though.

    DT

  3. #3
    Just Joined!
    Join Date
    Jun 2006
    Posts
    8
    i expect the system to recognize which one is the real one by its passowrd ...i need second root account for a security reasons ...i mean ....i need to make something like that beacuse if some guy, i dont want to mantion nothing, come and log into my system with the fake one root user - i want one of the directories to be rm -rf in backround only because i dont want this man to see that directory ...if i give him a root user he will think that he have all the rights he need .....but in the same time the directory that i dont want to be seen will be removed immediately after he logs into the system ....if you understand what i mean

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User DThor's Avatar
    Join Date
    Jan 2006
    Location
    Ca..na...daaa....
    Posts
    319
    I understand you completely, but it's the wrong way to deal with it. It's the same in Windows - the "Administrator" account. There doesn't need to be any mystery about who "root" is, what needs to be a mystery is the password. Your concern should be about protecting that, and hardening the system, not trying to play tricks on people. What you're talking about is essentially some sort of "trap" - to fool someone into thinking they've logged in as root. I can't imagine why you'd want to do that, but that's OK, you don't have to say.

    Instead, a better approach would be to monitor traffic to the system in question, and find out from which IP this person is attempting(unsuccessfully) to log in as root. It's a far safer approach.

    Regardless, though, it's literally not possible to do things the way you were asking - the entire Linux kernel depends on the concept of unique userids, and *definitely* no root spoofing - that would be a massive security hole.

    DT

  6. #5
    Just Joined!
    Join Date
    Jun 2006
    Posts
    8
    ok thank you very much!! ...now i have to go i have a meeting... I`ll post again when i am back
    thank you for reply
    but i want to ask you another question about this.

  7. #6
    Just Joined!
    Join Date
    Nov 2006
    Posts
    4

    need second user with the same rights as root

    Hi, I've been on this issue for a while, tried changing the root user name, so that root could not login as such, but as some other name, e.g. admin. But this did not quite work well.

    Anyway, I need a second root user because I am doing periodic backups of the system and that user needs to be able to read ALL files on the system over SSH. I don't want root to be able to login over SSH directly and that other user needs to login without a password for automatic backups. Changing permissions for every file is not a good solution, because then I would have to always add this new user as the group and set read permission to the group on every file. I don't want files to be globally readable and I don't want to muck up the file permissions. There must be a way. There is even a backup user in my /etc/passwd file:

    backup:34:34:backup:/var/backups:/bin/sh

    But that one cannot read all files either. ???

  8. #7
    Linux Enthusiast
    Join Date
    Jun 2005
    Posts
    668
    you don't need another root user either

    even though you have turned off 'rootlogin' in SSHD config, root can still use tools such as rsync,SCP,and others, over SSH.

    sorted.

  9. #8
    Just Joined!
    Join Date
    Nov 2006
    Posts
    4
    OK, I think I might not have been clear enough in what the problem is.

    Machine A has the data to be backed up Machine B wants to connect to A as (say) user backup and copy (rsync) files over ssh. So, B needs to login as a client (ssh backup@A) to A. Since 'ssh root@A' is not allowed the client logging in from B to A cannot copy all files because he doesn't have enough permissions.

    I'm using dirvish by the way.

  10. #9
    Linux Enthusiast
    Join Date
    Jun 2005
    Posts
    668
    I dont get you.

    you do not need root login available to use rsync as root over ssh

  11. #10
    Just Joined!
    Join Date
    Nov 2006
    Posts
    4
    all i want to do is backup with rsync over ssh. isn't there a way to add a user that can read all files but cannot do stuff that root can?

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •