0

I'm setting up a small private server which is connected to internet. For security reasons I would like to lock my root account after setting everything up and then use a sudo user for further maintenance of the server.

I use this to lock and unlock the account:

Lock the account: # chage -E 0 root
Unlock the account: # chage -E -1 root

BUT: Everything worked perfectly until next day after I locked the account. My expected cron status mails didn't arrive anymore and in sysfile I just see such entries:

Feb 14 06:25:01 localhost CRON[2468]: Authentication failure

How could I lock the account without disturbing the cron activities??

Using: Debian Jessie (ARMBian) on a Banana Pi.

infinity
  • 1

1 Answers1

0

Use system crontab (/etc/crontab) specifyng root as user, set root as nologin insted of disabling it

Alessandro Carini
  • 312
  • 2
  • 13
  • Thanks for the answer! But I would like to disable it. So under these circumstances, is there a way to still use cron somehow? Or lets say...: Is there an another root-lock-command which sitll allows a working cron? – infinity Feb 15 '16 at 12:44
  • I have to check with a VM at home. I think that by setting shell to nologin you can achieve this result, but I need to try first. – Alessandro Carini Feb 15 '16 at 13:11