0

I am on a Ubuntu 14.04 LTS machine with Mate desktop.

I am enrolled in a Stackskills course named "Linux security and hardening, the practical security guide".

The first security issue mentioned in the physical security section is about Single User Mode: it is said that if someone has physical access to a machine can toggle Single User Mode to login as root directly, without password.

Then it is explained that for systems like Ubuntu 16.04 and following that use systemd instead of init to control the system initialization process it is necessary to edit /lib/systemd/system/emergency.service and /lib/systemd/system/rescue.service, changing sushell in sulogin.

However Ubuntu 14.04 LTS does not use these files, because it uses Upstart instead of systemd. What files should I look at?

How can I force anyone who tries to log in with Single User Mode to enter the root password?

Ravexina
  • 57,256
Asarluhi
  • 1,767

1 Answers1

3

When system is booting into "single user mode" or "1", also in systemd known as rescue.target, you are actually logging-in using "root" user to fix the system issues with the highest rights a user have.

So if you want to Ubuntu ask you for a password while booting into "single user mode", then you have to set a password for "root" user:

sudo passwd root

However, when you have physical access to a system, you can almost do whatever you want with that system, for example instead of using "single user mode", while booting I can send a parameter like: init=/bin/bash to the Kernel and reset the "root" password.

So the best option is to encrypt the system and locking down the room.

To address the question about files, you have to install a version which comes with systemd, Ubuntu 16.04 and above are the ones with support at the time.

Ravexina
  • 57,256