
While installing Ubuntu I just gave the same password whenever it asked for a password, and I didn't bother to check whether it was the root password or the user password. Now I have only one user account on my system, so I didn't have to bother about types of passwords in any way.

But for some reason I shared the password with friends on the same LAN. Now they are able to establish SSH connections without my consent.

So I just thought of changing the password, thinking I could change it in a single place so that I can use the system in the same way with the new password. But as I looked into it I came to know that I can change the password individually for root and for the user.

So my doubts are:

  • Do I have to change the password separately for both root and the user even if I use the same password?
  • If I use different passwords, when exactly do I use the user password? Only for user login?
  • Which password should I change to avoid SSH connections from others?
muru
  • By default, when installed there is no root password on Ubuntu, so unless one has been set, there never was one (it's originally an invalid password that is impossible to key in). If a root password was set, it's been set after install (and they can be different; it's up to you, as at install only a user password is set, with sudo rights, so that user does have the ability to add a root password). In your circumstance, I'd nuke your system and start again... as you cannot really know what was done (if they're any good, they'll have made tracks hard for you to follow, I'm betting) – guiverc Mar 02 '21 at 07:23

2 Answers

During installation of Ubuntu, you don't set any password for root; the account is disabled for logins and you also don't need it. You can check if that is the case:

sudo passwd -S root

-S, --status
Display account status information. The status information consists of 7 fields. The first field is the user's login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P).

If the second field is an L, the account is locked and you don't need to do anything. If the second field is NP or P, you may want to lock it with this command:

sudo passwd -l root

See here for more information on why root is disabled by default in Ubuntu.

Then you can simply change your user password, and you're good.


Another option (or, better, an additional measure) would be to change your SSH server's settings (in /etc/ssh/sshd_config):

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

Also check the ~/.ssh/authorized_keys file in case your friends installed password-less authentication on your system. However, if you consider that your "friends" could have installed some backdoor, you should follow @guiverc's advice ...

pLumo
  • Thanks a lot. The output for the command is root P 09/21/2020 0 99999 7 -1. So according to you the system has a usable password and is not locked. But what does locked mean? Why should I lock it to change the password? – reddi hari Mar 02 '21 at 10:14
  • See https://askubuntu.com/questions/687249/why-does-ubuntu-have-a-disabled-root-account – pLumo Mar 02 '21 at 10:18
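The checks in this answer (the second field of passwd -S, the effective sshd_config values, and the contents of authorized_keys) can be scripted. The following is an added example, not code from pLumo's answer: a small POSIX sh script whose function names are my own. Each function reads its input from stdin so it can be run against constructed text; passing --live runs the same checks against the local machine.

```sh
#!/bin/sh
# Added example (not from the original answer): audit the three things the
# answer covers.  Functions read stdin so they work on constructed input;
# `--live` runs them against this machine.  Function names are hypothetical.

# Field 2 of `passwd -S <user>`: L = locked, NP = no password, P = usable.
passwd_status_field() {
    awk 'NR == 1 { print $2 }'
}

# Effective value of one sshd_config keyword.  sshd takes the FIRST match for a
# keyword (later lines are ignored), keywords are case-insensitive and '#'
# lines are comments.  Prints nothing when the keyword is not set at all.
sshd_effective() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print $2; exit }
    '
}

# One line per entry of an authorized_keys file: "<type> <comment>".  An entry
# may start with an options field (from="...", command="...") before the type.
list_authorized_keys() {
    awk '
        /^[ \t]*(#|$)/ { next }
        {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^(ssh-(rsa|ed25519|dss)|ecdsa-sha2-nistp[0-9]+|sk-)/) break
            if (i > NF) { print "unrecognised:", $0; next }
            comment = ""
            for (j = i + 2; j <= NF; j++) comment = comment (comment == "" ? "" : " ") $j
            print $i, (comment == "" ? "(no comment)" : comment)
        }
    '
}

# Exit 0 when the three settings recommended in the answer are in effect,
# 1 otherwise.  Reads sshd_config text (or `sshd -T` output) on stdin.
sshd_hardened() {
    cfg=$(cat)
    [ "$(printf '%s\n' "$cfg" | sshd_effective PermitRootLogin)" = no ] &&
    [ "$(printf '%s\n' "$cfg" | sshd_effective PasswordAuthentication)" = no ] &&
    [ "$(printf '%s\n' "$cfg" | sshd_effective PubkeyAuthentication)" = yes ]
}

if [ "${1:-}" = --live ]; then
    printf 'root password status: %s\n' "$(sudo passwd -S root | passwd_status_field)"
    # `sshd -T` prints the configuration sshd actually uses, including drop-ins
    # from /etc/ssh/sshd_config.d/, which reading sshd_config alone would miss.
    if sudo sshd -T 2>/dev/null | sshd_hardened; then
        echo 'sshd: root login off, password auth off, pubkey auth on'
    else
        echo 'sshd: NOT hardened as recommended'
    fi
    for f in "$HOME/.ssh/authorized_keys" /root/.ssh/authorized_keys; do
        [ -r "$f" ] || continue
        printf 'keys in %s:\n' "$f"
        list_authorized_keys < "$f"
    done
    who   # sessions already open survive a password change; end them explicitly
fi
```

Two practical points when applying the settings: put your own public key in ~/.ssh/authorized_keys and confirm a key login works before setting PasswordAuthentication no, then validate and reload with sudo sshd -t && sudo systemctl restart ssh. Changing the password or the config does not terminate SSH sessions that are already established; list them with who and end them (for example sudo pkill -KILL -t pts/N) so the new settings actually apply to your friends.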

By default, when installed there is no root password on Ubuntu, so unless one has been set, there never was one (it's originally an invalid password that is impossible to key in).

If a root password was set, it's been set after install (and they can be different; it's up to you, as at install only a user password is set, with sudo rights, so that user does have the ability to add a root password).

In your circumstance, I'd nuke your system and start again... as you cannot really know what was done (if they're any good, they'll have made tracks hard for you to follow, I'm betting).

You can create your logins so they require keys (and not passwords); however, I'd still start afresh via re-install.

guiverc
    Nuke the system due to "friends in the same LAN"? Isn't that a bit too much? If they are that bad, I wouldn't want them as friends. However, if you do that, you should also advise using full-disk encryption, otherwise it is useless, and friends with physical access can do anything anyway. – pLumo Mar 02 '21 at 07:30
  • Maybe it is, but if I have any doubts, I'd start again. I don't know all the circumstances of the OP or how trustworthy the friends are, or how good the physical security is (whether or not full disk encryption should also be used - great point @pLumo), but it's my reaction. If the OP gave the password seeking help from the friends, my reaction is extreme, yes, but it's my reaction/suggestion. – guiverc Mar 02 '21 at 07:35