Home > debian > Set up sudo on Debian

Set up sudo on Debian

Debian does not use sudo by default. I like sudo for admin tasks when being logged in as a regular user (mostly based on my experience with Ubuntu) for several reasons:

  • No risk of an open root shell
  • Logging of “who did it”
  • Selective access can be configured flexibly

What I don’t like in Ubuntu is that the sudo password is the regular user’s password and that the root account is actually disabled:

  • We lose one level of security (root password) and the regular user password is often not carefully chosen and maybe not kept secret enough (because maybe friends or family know it to do “regular user stuff” using your account.
  • In a “one admin person” system like your typical laptop or desktop there is no concern that the root password would have to be shared among several admins.

So for these reasons I usually configure a “one admin person” Debian system like this (replace REGULAR_USERNAME with your regular username that will be the admin):

su -
apt-get install sudo
adduser REGULAR_USERNAME sudo
visudo

In the visudo editor edit the “Defaults” line to use “targetpw”:

Defaults env_reset,targetpw

Then exit the root shell, log out as regular user and log in as regular user again (required to activate group membership).

Now your regular user should be able to do everything that root can do using sudo and the root password.

Advertisements
Categories: debian
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: