> On Feb 16, 2017, at 9:19 AM, Den <[email protected]> wrote: > > I'll let you explore how to create a root password, which I recommend. > Obviously those with more knowledge think we commoners, and the owner of the > Pi, should not use.
Well, the problem was that you shot yourself in the foot by running something as root. Maybe they're onto something. sudo is configured on by default for the pi user. Use of sudo instead of using a full root shell (su or sudo bash) or even worse logging in a root is considered best practice for security reasons. Using sudo allows minimal privilege escalation to accomplish a task and consequently minimizes risk. If your pi is to be exposed to the internet, or maybe even on a home network, the passwords _should_ be changed for both the pi and root users. Default passwords are extremely insecure - there are days when I see over 10k brute force login attempts against a dozen or so systems, where attackers are looking for me and my users to rely on default or dumb passwords. -j _______________________________________________ Xastir mailing list [email protected] http://xastir.org/mailman/listinfo/xastir
