Not only is this blog post a little reminder for people with servers to change their passwords once every so often, but it also explains how I’ve done it on my Ubuntu 14.04 LTS server the other day. I thought it was worth sharing.
First of all, make sure you have a regular user on your system that is setup to have access to sudo su, and can su. Perhaps test this first. Additionally, change the sshd port on the server to something else, and while you’re at it, disallow root logging in through ssh.
Secondly, after testing it, make sure you have the old password written down, and that you’ve generated a new strong and unique password for your root user. Write this new password down in your password manager as well.
Let’s get started. Remote connect with the regular user to the server via ssh, on the correct port. And then login to the root account:
mrfloris@imac:~$ ssh -l normaluser example.com -p 22332
mrfloris@floris:~$ whoami mrfloris mrfloris@floris:~$ su Password: ************ root@floris:~# whoami root
Now that we have logged in, and double checked who we are on the server, and logged in to the root account, we can go ahead and change its credentials with the passwd command:
root@floris:~# passwd Enter new UNIX password: ************ Retype new UNIX password: ************ passwd: password updated successfully root@floris:~#
You can now type
exit, to leave the shell, you will be back in the regular user shell. You can type
exit again to also leave that shell. You can now remote login to the server and try the
su command again, the old password shouldn’t work, and the new password should work.
The key difference between
Su switches you to the root user account and requires the root account’s password.
Sudo runs a single command with root privileges. It doesn’t switch to the root user or require a separate root user password