Browse Source

No sudoers

Bob Mottram 11 years ago
parent
commit
2257761ab6
1 changed files with 5 additions and 5 deletions
  1. 5
    5
      beaglebone.txt

+ 5
- 5
beaglebone.txt View File

@@ -229,11 +229,10 @@ ssh debian@192.168.1.60
229 229
 su
230 230
 #+END_SRC
231 231
 
232
-Then make a new user.
232
+Then make a new user.  It's a bad idea to add users to the sudo group, because that then means that an attacker potentially only needs to know one password in order to get administrator access to the system.  With no sudoers an attacker needs to know, or be able to obtain, two separate passwords to be able to really compromise the system.
233 233
 
234 234
 #+BEGIN_SRC: bash
235 235
 adduser /username/
236
-adduser /username/ sudo
237 236
 #+END_SRC
238 237
 
239 238
 Exit from the ssh login by typing "exit" a couple of times, then ssh back in as the new user.  Make sure you use a difficult to guess password/phrase, or ideally a randomly generated password used together with a password manager such as KeepassX.
@@ -803,7 +802,8 @@ echo "text/html; lynx -dump -width=78 -nolist %s | sed ‘s/^ //’; copiousoutp
803 802
 Save and exit.
804 803
 
805 804
 #+BEGIN_SRC: bash
806
-sudo emacs /etc/Muttrc
805
+su
806
+emacs /etc/Muttrc
807 807
 #+END_SRC
808 808
 
809 809
 Append the following:
@@ -1555,7 +1555,7 @@ Because hybrid doesn’t support OpenSSL by default, you have to do a manual pat
1555 1555
 1- First we OpenSSL package for ssl certificate
1556 1556
 
1557 1557
 #+BEGIN_SRC: bash
1558
-sudo apt-get install openssl libssl-dev
1558
+apt-get install openssl libssl-dev
1559 1559
 #+END_SRC
1560 1560
 
1561 1561
 2- Second we need hybrid source to patch it:
@@ -2340,7 +2340,7 @@ ps aux | grep mysql
2340 2340
 and use /kill -9 <pid>/ to kill all mysql processes.
2341 2341
 
2342 2342
 #+BEGIN_SRC: bash
2343
-sudo apt-get remove --purge mysql\*
2343
+apt-get remove --purge mysql\*
2344 2344
 apt-get clean
2345 2345
 updatedb
2346 2346
 #+END_SRC