All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
ArubaCloud: I locked my self out but don't know why?
Hello,
I was using my non root user to change permissions for www folders and the only thing that I've done is add this user to www-data group so that it could edit those files. After that file writing permissions stopped working and when I tried to login again my user password wasn't valid anymore. Does SSH have some kind of protection or I've done something else I can't remember?
I disabled root access so I tried to access via the recovery console which worked but coudln't remember the root password, of course. I tried to search the panel to reset the root password but I found only this http://kb.arubacloud.com/en/computing/access-to-cloud-servers/resetting-the-access-password-on-a-cloud-server-with-a-debian-or-ubuntu-operating-system.aspx which I honestly didn't understand. I raised a ticket to ask the support the reset it for me, is it possible with vmware? I'm used with OpenVZ and SolusVM where I reset the password from there directly.
Also what is the point of disabling root access if another user (sudoer) once in can type "sudo -i" ?
Thanks
Comments
With root account enabled you only need to guess out the password of it. With sudo you'll have to guess the sudoer's name and password at the same time.
Security is done is layers. By limiting root privileges to one or more specific users you're creating another barrier. Plus keep in mind that
sudo
is not all or nothing--though many do that. You can:sudo ls
you can optionally not require a password for that command).So there's a lot that can be done.
Plus, dare I say, even if you are the admin, it's best to do as much work as you can using user-level privileges... Keeping the use of sudo limited to only the specific commands that require it (e.g.
sudo vim nginx.conf
). This helps you, as the admin, not break things when you're not paying attention, too tired, etc.while limiting sudo to only specific commands may be useful sometimes, it might be not a good idea. For example try running this command in vim