The root account or superuser account is the user account that must be created when installing an operating system and is equipped with the most extensive access rights. This account is not intended for day-to-day use of the system, but only for special administrative tasks because it involves extensive risks. For example, in the guide to Set up a passwordless SSH Login, we have asked the readers to first create another account with privileges. These days, most Linux distributions provide a failsafe protection against accidentally deleting the root directory:
1 2 3 4 | abhishek@thecustomizewindows:~$ sudo rm -rf / [sudo] password for abhishek: rm: it is dangerous to operate recursively on '/' rm: use --no-preserve-root to override this failsafe |
But, such “protection” may completely or partially fail if you are the root user. For running this command, you may have to go to recovery mode to restore the files. Particularly without the latest backup of the server, it is extremely difficult to recover. On this website, we often suggest VPSDime as a web host to the readers. Because they have excellent and fast support which Amazon, Google, Linode, and Digital Ocean will not provide you. Webhosts like Ionnos will charge you $75 for small help.
On Unix-like systems, each user account is associated with a number: the so-called “UID” (User ID). The first user account on each system has the UID 0 and has all rights over the resources of the system on historical Unix systems. Since this account is necessary for the installation of the computer and therefore all files and directories originate from this user account, one can speak of a “root” here. After finishing the installation, you can use this account to manage the system. To work as root, you can either log in or change your identity on the Unix shell with the command.
---
Modern Unix systems, such as Solaris, implement fine-grained rights systems. On such systems, obtaining UID 0 does not necessarily mean obtaining all rights. The user with root rights is the only user on a Unix computer who has unlimited rights, which is particularly important when it comes to file management (file rights, etc.) and the use of system resources (memory, devices). The root is also given a special position in the administration of the kernel as well as process control: The root can change all processes at will, for example by restarting the computer. For a kernel that supports dynamically loadable modules, the root can indirectly interact with next-level kernel space.
If a malicious cracker finds out the user’s password, the user is completely compromised. To hide their presence from the system administrator after a successful attack, attackers use so-called rootkits.
Screenshot: non-root user’s prompt with dollar sign ($)
Typically, the Root user’s prompt differs from that of other users by a trailing hash (#) instead of a dollar sign ($). System administrators refer to this as a root prompt.
Screenshot: root user’s prompt with hash (#)
When installing macOS, an account is created for the system administrator named root and one for the admin with a selectable name. In macOS servers, both accounts receive the same password, while in regular macOS, the root account is not given a password and is locked. The admin is not only denied some things that are possible for root but also vice versa.
When installing Debian, direct use of the root account can also be prevented. Under Debian-based Ubuntu, there isn’t even the option to do anything else during normal installation. For security reasons, however, the admin user group does not have any permissions there other than executing sudo. In this way, its members can temporarily obtain the rights of the superuser. As a rule, sudo is called automatically as soon as the rights of the superuser are required. However, it is possible to permanently activate the root account at any time by assigning it a valid password.
toor is the backwards word for root and represents an alternative root account, especially on BSD derivatives. The account also has the UID 0, but differs from the root account by a different configuration, mainly by a different shell.
Usually, one account (usually root) has a large shell (such as bash or zsh), while the other account (usually toor) has only a minimal shell. The point behind this is to have an account with system administration capabilities ready even if the default shell of one account can no longer be started (for example, if the partition on which the shell is located cannot be mounted). “toor” is also the password for the root account for the well-known BackTrack distributions and, up to version 2020.1, also for Kali Linux. As of version 2020.1, the root is no longer the default account, but Kali with kali as the password.
Tagged With heremww