1

Is it possible to install (and later maintain) Arch Linux (or some of its derivatives) without ever setting root password - using only user account and sudo? The same way it's done in Ubuntu and many others.

To me this seems like obvious security improvement but all the docs I've found so far require setting root password.

god
  • 232
  • 3
  • 10
  • 2
    Just disable it after the install is done and you have configured an account and sudo. `usermod -p '!' root` sets root to have a disabled password. – Zoredache Jun 19 '16 at 21:07
  • If that's so trivial than why it's enabled in default install in a first place? Running "sudo passwd root" after install would be even easier. – god Jun 19 '16 at 21:34

1 Answers1

1

As Zoredache pointed out in the comments you can disable root's password during install by running usermod -p '!' root.

As for why it's not done by default, it's because Arch Linux is a "do it yourself" distribution that imposes little defaults (it's pretty much plain Linux + systemd + a package manager), and by default Linux needs to have a root (or more specifically, UID 0) account and comes with no password so in turn login is allowed by PAM without prompting for one.

André Borie
  • 769
  • 1
  • 7
  • 22