Switch user and elevate to root as a single action?
Set the complex password on the root account. Configure sudo
with the rootpw
option to require root's password instead of the initiator's password.
Then use sudo -s
from your standard account to get root access.
You get your "simple" password for daily use but the more complex one - once - for root access.
Haravikk
Updated on September 18, 2022Comments
-
Haravikk over 1 year
I have a system that is setup to require a password both to elevate to root, and to switch to the only user that can do so, so currently if I need to do something as root from another account I would do the following:
su admin sudo su
The problem with this is that it requires me to enter my password twice, and since my admin account's password is long that makes it prone to mistakes.
What I'm wondering is, assuming the basic setup cannot be changed (i.e- no passwordless
sudo
etc.), is there a way to combine both commands so that I can only have to enter my password once?-
roaima over 6 yearsI know of no way to solve your requirement directly. I would ask though what extra security you think this gains you over a strong(er) password for your usual account and direct access to root using
sudo -s
. -
Haravikk over 6 years@roaima: It's not so much about the security as about convenience; the system in question is macOS, but it could apply to any unix-y system really, where I would prefer to keep root access locked down to a single, probably over-secured account, because it lets me use easier to enter (not necessarily weak) passwords for other accounts, and forces me to stop and think more whenever I do anything with root access. For that reason I like that I still have to enter it under my admin account on occasions where I do use it directly, but when switching in from another account it's a pain.
-