I should also point out that it would be unwise to completely remove the debian user before getting another regular user completely setup, and tested. keywords: "debian how to add user", will go a long way to help towards this goal.
Also make completely sure you know what you're doing when editing the sudoers file . . . On Tue, May 26, 2015 at 11:27 AM, William Hermans <[email protected]> wrote: > So, some of you may have noticed that using sudo for elevated permissions > no longer requires a passwd. This simplifies things, and I would imagine it > was done on purpose, to keep support mails to a minimum. > > However, I felt that I should let those of you who are relatively new to > Linux / Debian know that this can be very insecure. It really depends > mostly on *if* your beaglebone faces the internet or not. . . > > A couple things you can / should do about this. > > First, you should at minimum change the default passwd for the default > user debian. This is done by using the *passwd* command. Logged in as the > user debian, and in the past you could have simply typed the command, then > enter the new passwd twice, and be done with it. However, I have found out > through hands on experience recently this can be, or just is no longer the > case. What *will* work is as follows: > > debian@beaglebone:~$ *sudo passwd debian* > Enter new UNIX password: > Retype new UNIX password: > passwd: password updated successfully > > Second you *could* completely remove the debian user, and create a new > normal user account. The command for this is *useradd*. I'll leave it up > to you to explore this command yourselves. > > Lastly, there is the *visudo* command: > > debian@beaglebone:~$ sudo visudo > > Then if you scroll down to where you find . . . > > %admin ALL=(ALL) ALL > debian ALL=NOPASSWD: ALL > > *debian ALL=NOPASSWD: ALL *is what defines the behavior. You could > change "debian ALL=NOPASSWD: ALL" so that it is exactly like how %admin( > admin group ) is setup. But I believe all this does is enforce the sudoer > to use their own passwd for elevated privileges Not the root users passwd.. > This behavior can also be changed. I will leave it up to you the reader > however to search the internet using the keywords "debian sudoers file" to > find and read the appropriate documentation. > > > > > > > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
