I guess as the root password is default user account password (if i am wrong correct me) in terminal when I type su it asks me password when I enter my password it says Authentication failure why is it happening??
Asked
Active
Viewed 2.7k times
1 Answers
2
By default Ubuntu does not set up a root password and therefore you don't get the ability to log in as root. Instead you are given the ability to perform tasks with superuser privileges using sudo.
I've answered a similar question before.
While you can create a password for the root account allowing you to log in as root with su, this isn't the typical "Ubuntu" way of doing things.
Sudo is an alternative to giving people a root password in order to perform superuser duties. In a default Ubuntu install the person who installed the OS is given "sudo" permission by default.
Anybody with "sudo" permission may perform something "as a superuser" by pre-pending sudo to their command. For instance, to run apt-get dist-upgrade as a superuser, you could use:
sudo apt-get dist-upgrade
You will see this usage of sudo pretty much anywhere you read a tutorial about Ubuntu on the web. It's an alternative to doing this.
su
apt-get dist-upgrade
exit
With sudo, you choose in advance which users have sudo access. There is no need for them to remember a root password, as they use their own password. If you have multiple users, you can revoke one's superuser access just by removing their sudo permission, without needing to change the root password and notify everyone of a new password. You can even choose which commands a user is allowed to perform using sudo and which commands are forbidden for that user. And lastly, if there is a security breach it can in some cases leave a better audit trail showing which user account was compromised.
Sudo makes it easier to perform a single command with superuser privileges. With su, you permanently drop to a superuser shell which must be exited using exit or logout. This can lead to people staying in the superuser shell for longer than necessary just because it's more convenient than logging out and in again later.
With sudo, you still have the option of opening a permanent (interactive) superuser shell with the command:
sudo su
... and this can still be done without any root password, because sudo gives superuser privileges to the su command.
And similarly, instead of su - for a login shell you can use sudo su - or even sudo -i.
However when doing so you just need to be aware that you are acting as a superuser for every command. It's a good security principle not to stay as a superuser for longer than necessary, just to lessen the possibility of accidentally causing some damage to the system (without it, you can only damage files your user owns).
Just to clarify, you can, if you choose, give the root user a password allowing logins as root, if you specifically want to do things this way instead. I just wanted to let you know about the Ubuntu convention of preferring sudo instead and let you know that there is an alternative.
thomasrutter
- 36,774