I'm new to linux and the sysadmin world all together, so I'm looking for some advice and a couple of answers. I set up an EC2 instance running Ubuntu 12.04 and I SSH in via key pair.
First of all, I read through the Ubuntu user management page but it left me with a few questions. I noticed this on the page
Sudo allows an authorized user to temporarily elevate their privileges using their own password instead of having to know the password belonging to the root account.
When I run a sudo command I'm not prompted for a password after using SSH to access my server. I've read not to store passwords for database access (such as for PHP and MySQL) in plain text files, but rather use .cnf files instead with permission set to 600. If someone does manage to get on my server, all they have to do is type in sudo vi /path/to/cnf
and then they can view the password. Is the whole point of that assuming that I have a password for sudo?
Am I supposed to add a password for sudo considering by default I don't have one?
How big of a risk is it for someone being able to SSH into my server considering I'm using UFW to restrict access to port 22 and I'm using a key pair?
Seeing as I used EC2 to set up my Ubuntu server, all of the sources I've seen on adding/changing passwords say by default the one is used from setup. I didn't really set anything up. It was all pre-configured through AWS. Is this an issue?