Ralf Mardorf wrote: > Reading the list for a while, I won the impression that Debian by > default now comes with sudo enabled.
It is one of the two possible choices that can be made during the installation. There isn't a default. The user either chooses to enter a root password and also a user account and user password. Or chooses to only have a user account and user password without a root password. In the latter case, if at install time only a user account and user password is input, then the debian-install will set up sudo. It won't set up sudo if a root password was entered. So whether it is set up after an install depends upon the installation. At install time the dialog help text explains the choice at the time the choice is made. You need to set a password for 'root', the system administration account. A malicious or unqualified user with root access can have disastrous results, so you should take care to choose a root password that is not easy to guess. It shoiuld not be a world found in dictionaries, or a word that could be easily associated with you. A good password will contain a mixture of letters, numbers and punctuation and shouild be changed at regular intervals. The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the "sudo" command. And so for the reader who reads only the first line they will enter a password and sudo will not be configured. However the reader who diligently reads the entire help text will see the last sentence and will be told that leaving it blank will disable it and set up sudo. I think they "buried the lead" on that one. I didn't know about it myself for years until someone on this list taught me about it. But I always set up sudo even if the installer doesn't. Bob
signature.asc
Description: Digital signature
