8

Cloud images of some popular operating systems do not let the user to log in as root, yet they use a very standard user name (for example ec2-user, ubuntu) and allow these users to use passwordless sudo.

What is the reason for this choice? Is it more secure than running as root?

Is it hoping that automated attacks will not try these obvious usernames? Is it somehow requiring different permissions to be present at the ssh server? Is this just a piece of marketing to remind me whose services am I using?

Or is it just trying to make me not use root account (hoping I do not use sudo su all the time)?

I am assuming that only ssh keys are used to log in; no passwords.

David
  • 15,814
  • 3
  • 48
  • 73
Julian
  • 83
  • 3
  • There's only one command in my admin user's bash history: `sudo -i`, but I would never enable root login for reasons :P – billc.cn Jan 19 '18 at 19:22

3 Answers3

2

Honestly, this is probably largely an attempt to protect the user against themselves. One of the biggest benefits of "don't run as root" is that mistakes don't (usually) destroy the whole system. (On desktops, this is of limited value -- I'd rather destroy my Apache configuration than all the data in my home directory!) If you are using ec2-user, you at least need to realize you're escalating privileges by using sudo. In that way, it is similar to UAC on Windows for an Administrative account.

David
  • 15,814
  • 3
  • 48
  • 73
1

As a good practice, those services won't allow SSH login with user/pass, so instead they use user/private key. The reason for the passwordless sudo is that you already own the machine, why not give you full access?

luizfzs
  • 261
  • 2
  • 12
1

Historically root is the most abused user-ID ever. If someone attempts to brute force any system, they will start with root.

You mentioned the other anonymous user-IDs and their ability to use root level privileges. These are meant for system processes and are usually not for people.

As a system administrator it is your responsibility that all persons using your system is accountable. This cannot be done using the anonymous user-IDs. A best practice is to create a privileged user-ID. Usually with only the privileges that are needed. Add your ID to the sudoers list.

A privileged SSH access is usually limited from one host (access) to another (destination). The expectation is that because you have exchanged certificates, and the access host is password protected, the SSH link is protected too.

scopedial
  • 216
  • 1
  • 6