Koozali.org: home of the SME Server

Renaming the 'admin' account'

James

Renaming the 'admin' account'
« on: May 05, 2002, 11:00:53 AM »
I would like there to be an option to change the 'admin' account to somthing else that the user chooses. This way I think more people would use the sme server.

scotty

Re: Renaming the 'admin' account'
« Reply #1 on: May 06, 2002, 02:42:18 PM »
Why would more people use the sme server just because you can rename the admin user? You could use root if you wanted!!!

Maybe it could be good idea to have a user admin, und we could put more users in this group....

I tend to like the idea af an admin account.....

James Phillips

Re: Renaming the 'admin' account'
« Reply #2 on: June 03, 2002, 05:27:35 PM »
I like the idea of the admin account. I just want to rename it to somthing else such as administrator or smothing that does not collide with admin such as office admin. Also I think your idea about adding a number of users to Admin Group would also be a very good idea...

James Phillips

Zeb Fletcher

Re: Renaming the 'admin' account'
« Reply #3 on: June 04, 2002, 02:21:29 AM »
I think renaming the account is a good security ideal, especially if you are using the server in a production enviroment. having admin accounts that are easy to guess can lead to some problems, such as a bored user running a brute force tool against the server, by having a common name you have already given him/or her a head start on gettng into your system wether it be from the inside or outside.

Ian Bicking

Just a bit of obscurity
« Reply #4 on: June 11, 2002, 11:12:31 PM »
Changing the administrator's account name is just adding obscurity to the system.  This can confuse some hackers, but it will also confuse everyone else.  The documentation starts needing qualifications (using "admin or the equivalent user" or somesuch).  It increases the amount of information you have to pass on to later administrators, and leaves one more piece of information you can forget.  And changing usernames in Linux is not a good idea, because it messes up all sorts of things -- UID is not widely used, username is the more common way of identifying a user.