On Tue, Aug 04, 2020 at 07:39:53AM -0400, Greg Wooledge wrote:
> On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
> > As my root account is disabled, I do all administration as the "normal" user
> > with the help of sudo for running administrative commands. The user "root"
> > shall not login nowhere, not at the physical console and not by ssh, never.
>
> Remember that this also means you can never boot in single-user ("rescue")
> mode.Right. As someone who actually likes and uses sudo (not everyone does, and there are good reasons to dislike it), this was one of my main critiques of that "root-less" scheme. Sitting in front of a console telling you that / is mounted ro and to enter your root password when you haven't one can be... frustrating :-) OTOH practice has shown: if you're doing sudo, you will have forgotten your root password anyway when you need it (I have, it's some horrible "pwgen -n 16" or something), and it' back to... > If you ever need to boot in quasi-rescue mode, you'll have to > go down even lower and override the init= kernel parameter. ... or to some rescue image. Cheers - t
signature.asc
Description: Digital signature
