How to Disable the Root Account in Linux

Many Linux users are aware of or have heard the phrase “root” before. Essentially “root” is a user that has complete and total control of the entire Linux system, and there’s literally nothing it can’t change. This makes root dangerous and something that only advanced users who understand the implications of root should be using.

For the most part, users don’t have access to the root user. On some mainstream Linux distributions (mainly Ubuntu), there isn’t even a possibility for a user to set up the root password. In fact, they don’t even tell you the password. Linux users are able to bypass this practice by using the sudo command. This command temporarily elevates the user permission so they can run system management tasks without being a root user.

So, with all this in mind, why would we use “root” if sudo is there? The reason is that sudo doesn’t work at the time. Some system commands will only work with the root user. And overall, entering sudo every single time can get tiring, and users often just log in with the root user to get everything done.

Deleting the root user is a security precaution and overall just something that is good to do. It is still possible for users to go around “root,” and this can add a needed piece of security to your system. For example, a Linux computer with a complicated username password and a weak root password is vulnerable to possible security problems or intruders.

linux-root-password-sudo-root-shell

However, having a root user with no password has its advantages. No root password means nobody will be able to log in, thus hackers will never be able to completely mess up a system. Furthermore, users can still get a root shell with sudo by doing sudo -s or sudo su.

Deleting the root password is very simple. To start, open a terminal window and gain root access. Do this with sudo -s. This will give the user root access without logging into the root user. Then, remove the root password with this command:

passwd --lock root

linux-root-password-locking-root-account

This will completely disable the root login. No user has access to it from this point on.

linux-root-password-login-failure

Alternatively, it is possible to delete the current password so no user knows what it is:

passwd -d root

To re-enable root, do:

sudo passwd root

linux-root-password-re-enable

The system asks for a new password, and the root account will be re-enabled on the system with the new password.

When it comes to Linux, or Unix-like operating systems in general, the root user is the most powerful tool. With it the entire system can be modified and tinkered with. This is great for enthusiasts and those who like to take Linux installation and tweak everything. Still, problems can arise. Root can become dangerous when it falls into the wrong hands. Bad things can happen. As a result, only those who truly understand the importance of the root user should use it.

Image credit: 365 x18 My Laptop On ZenWalk Linux

Leave a Reply

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.