On Wed, Jun 25, 2008 at 04:42:25PM +0200, Dotan Cohen wrote: > 2008/6/25 Andrei Popescu <[EMAIL PROTECTED]>: > > Maybe it changed, but there used to be no password for the root > > account... > > > > https://help.ubuntu.com/community/RootSudo > > > > no, it hasn't changed. > > > > Nowhere does that document say that there is no password for root.
Quote (emphasis mine): "Since the root account password is locked, this attack becomes essentially meaningless, since *there is no password* to crack or guess in the first place." > what it does say is this: > """By default, the root account password is locked in Ubuntu.""" > > There is a root password, but the user does not know it. There is also specified that you can re-lock your root account (in case you enabled it) with 'sudo passwd -l root' ,----[ man passwd ] | -l, --lock | Lock the named account. This option disables an account by changing the password to a value which matches no | possible encrypted value, and by setting the account expiry field to 1. `---- In theory you're right, the password does have a value, but there is no way you can login using that value. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein)
signature.asc
Description: Digital signature
